342 lines
8.6 KiB
Perl
Executable File
342 lines
8.6 KiB
Perl
Executable File
#!/usr/bin/perl -T -w
|
|
|
|
$ENV{'PATH'} = '/sbin:/bin:/usr/sbin:/usr/bin';
|
|
|
|
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};
|
|
|
|
use strict;
|
|
use English;
|
|
use Getopt::Long;
|
|
use POSIX ":sys_wait_h";
|
|
use Socket;
|
|
use IO::Socket::INET;
|
|
use PVE::SafeSyslog;
|
|
use PVE::APIDaemon;
|
|
use HTTP::Response;
|
|
use Encode;
|
|
use URI;
|
|
use URI::QueryParam;
|
|
use File::Find;
|
|
use Data::Dumper;
|
|
use Net::IP;
|
|
|
|
my $pidfile = "/var/run/pveproxy/pveproxy.pid";
|
|
my $lockfile = "/var/lock/pveproxy.lck";
|
|
|
|
my $opt_debug;
|
|
my $opt_allow_from;
|
|
my $opt_deny_from;
|
|
my $opt_policy;
|
|
|
|
initlog ('pveproxy');
|
|
|
|
if (!GetOptions ('allow-from=s@' => \$opt_allow_from,
|
|
'deny-from=s@' => \$opt_deny_from,
|
|
'policy=s' => \$opt_policy,
|
|
'debug' => \$opt_debug)) {
|
|
die "usage: $0 [--allow-from CIDR{,CIRD}] [--deny-from CIDR{,CIRD}] [--policy (allow|deny)] [--debug]\n";
|
|
}
|
|
|
|
$opt_deny_from = [ split(/,/, join(',', @$opt_deny_from)) ] if $opt_deny_from;
|
|
$opt_allow_from = [ split(/,/, join(',', @$opt_allow_from)) ] if $opt_allow_from;
|
|
|
|
die "unknown policy '$opt_policy'\n" if $opt_policy && $opt_policy !~ m/^(allow|deny)$/;
|
|
|
|
if ($opt_deny_from) {
|
|
my $ips = [];
|
|
foreach my $ip (@$opt_deny_from) {
|
|
$ip = "0/0" if $ip eq 'all';
|
|
push @$ips, Net::IP->new($ip) || die Net::IP::Error() . "\n";
|
|
}
|
|
|
|
$opt_deny_from = $ips;
|
|
}
|
|
|
|
if ($opt_allow_from) {
|
|
my $ips = [];
|
|
foreach my $ip (@$opt_allow_from) {
|
|
$ip = "0/0" if $ip eq 'all';
|
|
push @$ips, Net::IP->new($ip) || die Net::IP::Error() . "\n";
|
|
}
|
|
$opt_allow_from = $ips;
|
|
}
|
|
|
|
$SIG{'__WARN__'} = sub {
|
|
my $err = $@;
|
|
my $t = $_[0];
|
|
chomp $t;
|
|
syslog('warning', "WARNING: %s", $t);
|
|
$@ = $err;
|
|
};
|
|
|
|
$0 = "pveproxy";
|
|
|
|
# run as www-data
|
|
my $gid = getgrnam('www-data') || die "getgrnam failed - $!\n";
|
|
POSIX::setgid($gid) || die "setgid $gid failed - $!\n";
|
|
$EGID = "$gid $gid"; # this calls setgroups
|
|
my $uid = getpwnam('www-data') || die "getpwnam failed - $!\n";
|
|
POSIX::setuid($uid) || die "setuid $uid failed - $!\n";
|
|
|
|
# just to be sure
|
|
die "detected strange uid/gid\n" if !($UID == $uid && $EUID == $uid && $GID eq "$gid $gid" && $EGID eq "$gid $gid");
|
|
|
|
sub add_dirs {
|
|
my ($result_hash, $alias, $subdir) = @_;
|
|
|
|
$result_hash->{$alias} = $subdir;
|
|
|
|
my $wanted = sub {
|
|
my $dir = $File::Find::dir;
|
|
if ($dir =~m!^$subdir(.*)$!) {
|
|
my $name = "$alias$1/";
|
|
$result_hash->{$name} = "$dir/";
|
|
}
|
|
};
|
|
|
|
find({wanted => $wanted, follow => 0, no_chdir => 1}, $subdir);
|
|
}
|
|
|
|
my $cpid;
|
|
my $daemon;
|
|
eval {
|
|
|
|
my $dirs = {};
|
|
|
|
add_dirs($dirs, '/pve2/ext4/', '/usr/share/pve-manager/ext4/');
|
|
add_dirs($dirs, '/pve2/images/' => '/usr/share/pve-manager/images/');
|
|
add_dirs($dirs, '/pve2/css/' => '/usr/share/pve-manager/css/');
|
|
add_dirs($dirs, '/vncterm/' => '/usr/share/vncterm/');
|
|
|
|
$daemon = PVE::APIDaemon->new(
|
|
port => 8006,
|
|
keep_alive => 100,
|
|
max_conn => 500,
|
|
max_requests => 1000,
|
|
debug => $opt_debug,
|
|
allow_from => $opt_allow_from,
|
|
deny_from => $opt_deny_from,
|
|
policy => $opt_policy,
|
|
trusted_env => 0, # not trusted, anyone can connect
|
|
logfile => '/var/log/pveproxy/access.log',
|
|
lockfile => $lockfile,
|
|
ssl => {
|
|
key_file => '/etc/pve/local/pve-ssl.key',
|
|
cert_file => '/etc/pve/local/pve-ssl.pem',
|
|
},
|
|
# Note: there is no authentication for those pages and dirs!
|
|
pages => {
|
|
'/' => \&get_index,
|
|
# avoid authentication when accessing favicon
|
|
'/favicon.ico' => {
|
|
file => '/usr/share/pve-manager/images/favicon.ico',
|
|
},
|
|
},
|
|
dirs => $dirs,
|
|
);
|
|
};
|
|
|
|
my $err = $@;
|
|
|
|
if ($err) {
|
|
syslog ('err' , "unable to start server: $err");
|
|
print STDERR $err;
|
|
exit (-1);
|
|
}
|
|
|
|
|
|
if ($opt_debug || !($cpid = fork ())) {
|
|
|
|
$SIG{PIPE} = 'IGNORE';
|
|
$SIG{INT} = 'IGNORE' if !$opt_debug;
|
|
|
|
$SIG{TERM} = $SIG{QUIT} = sub {
|
|
syslog ('info' , "server closing");
|
|
|
|
$SIG{INT} = 'DEFAULT';
|
|
|
|
unlink "$pidfile" if !$opt_debug;
|
|
|
|
exit (0);
|
|
};
|
|
|
|
syslog ('info' , "starting server");
|
|
|
|
if (!$opt_debug) {
|
|
# redirect STDIN/STDOUT/SDTERR to /dev/null
|
|
open STDIN, '</dev/null' || die "can't read /dev/null [$!]";
|
|
open STDOUT, '>/dev/null' || die "can't write /dev/null [$!]";
|
|
open STDERR, '>&STDOUT' || die "can't open STDERR to STDOUT [$!]";
|
|
}
|
|
|
|
POSIX::setsid();
|
|
|
|
eval {
|
|
$daemon->start_server();
|
|
};
|
|
my $err = $@;
|
|
|
|
if ($err) {
|
|
syslog ('err' , "unexpected server error: $err");
|
|
print STDERR $err if $opt_debug;
|
|
exit (-1);
|
|
}
|
|
|
|
} else {
|
|
|
|
open (PIDFILE, ">$pidfile") ||
|
|
die "cant write '$pidfile' - $! :ERROR";
|
|
print PIDFILE "$cpid\n";
|
|
close (PIDFILE) ||
|
|
die "cant write '$pidfile' - $! :ERROR";
|
|
}
|
|
|
|
exit (0);
|
|
|
|
# NOTE: Requests to those pages are not authenticated
|
|
# so we must be very careful here
|
|
|
|
sub get_index {
|
|
my ($server, $r, $args) = @_;
|
|
|
|
my $lang = 'en';
|
|
my $username;
|
|
my $token = 'null';
|
|
|
|
if (my $cookie = $r->header('Cookie')) {
|
|
if (my $newlang = ($cookie =~ /(?:^|\s)PVELangCookie=([^;]*)/)[0]) {
|
|
if ($newlang =~ m/^[a-z]{2,3}(_[A-Z]{2,3})?$/) {
|
|
$lang = $newlang;
|
|
}
|
|
}
|
|
my $ticket = PVE::REST::extract_auth_cookie($cookie);
|
|
if (($username = PVE::AccessControl::verify_ticket($ticket, 1))) {
|
|
$token = PVE::AccessControl::assemble_csrf_prevention_token($username);
|
|
}
|
|
}
|
|
|
|
my $workspace = defined($args->{console}) ?
|
|
"PVE.ConsoleWorkspace" : "PVE.StdWorkspace";
|
|
|
|
$username = '' if !$username;
|
|
|
|
my $jssrc = <<_EOJS;
|
|
if (!PVE) PVE = {};
|
|
PVE.UserName = '$username';
|
|
PVE.CSRFPreventionToken = '$token';
|
|
_EOJS
|
|
|
|
my $langfile = "/usr/share/pve-manager/ext4/locale/ext-lang-${lang}.js";
|
|
$jssrc .= PVE::Tools::file_get_contents($langfile) if -f $langfile;
|
|
|
|
my $i18nsrc;
|
|
$langfile = "/usr/share/pve-manager/root/pve-lang-${lang}.js";
|
|
if (-f $langfile) {
|
|
$i18nsrc = PVE::Tools::file_get_contents($langfile);
|
|
} else {
|
|
$i18nsrc = 'function gettext(buf) { return buf; }';
|
|
}
|
|
|
|
$jssrc .= <<_EOJS;
|
|
|
|
// we need this (the java applet ignores the zindex)
|
|
Ext.useShims = true;
|
|
|
|
Ext.History.fieldid = 'x-history-field';
|
|
|
|
Ext.onReady(function() { Ext.create('$workspace');});
|
|
|
|
_EOJS
|
|
|
|
my $page = <<_EOD;
|
|
<html>
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
|
|
<title>Proxmox Virtual Environment</title>
|
|
|
|
<link rel="stylesheet" type="text/css" href="/pve2/ext4/resources/css/ext-all.css" />
|
|
<link rel="stylesheet" type="text/css" href="/pve2/css/ext-pve.css" />
|
|
|
|
<script type="text/javascript">$i18nsrc</script>
|
|
<script type="text/javascript" src="/pve2/ext4/ext-all-debug.js"></script>
|
|
<script type="text/javascript" src="/pve2/ext4/pvemanagerlib.js"></script>
|
|
<script type="text/javascript">$jssrc</script>
|
|
|
|
</head>
|
|
<body>
|
|
<!-- Fields required for history management -->
|
|
<form id="history-form" class="x-hidden">
|
|
<input type="hidden" id="x-history-field"/>
|
|
</form>
|
|
</body>
|
|
</html>
|
|
_EOD
|
|
|
|
my $resp = HTTP::Response->new(200, "OK", undef, $page);
|
|
|
|
return $resp;
|
|
}
|
|
|
|
__END__
|
|
|
|
=head1 NAME
|
|
|
|
pveproxy - the PVE API proxy server
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
pveproxy [--allow-from CIDR{,CIRD}] [--deny-from CIDR{,CIRD}] [--policy (allow|deny)] [--debug]
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
This is the REST API proxy server, listening on port 8006. This is usually started
|
|
as service using:
|
|
|
|
# service pveproxy start
|
|
|
|
=head1 Host based access control
|
|
|
|
Options '--allow-from', '--deny-from' and '--policy' can be used to set up
|
|
apache2 like access control. If started as service, those values are read
|
|
from file /etc/default/pveproxy. For example:
|
|
|
|
ALLOW_FROM="10.0.0.1-10.0.0.5,192.168.0.0/22"
|
|
DENY_FROM="all"
|
|
POLICY="allow"
|
|
|
|
IP addresses can be specified using any syntax understoop by Net::IP. The
|
|
name 'all' is an alias for '0/0'.
|
|
|
|
The default policy is 'allow'.
|
|
|
|
Match | POLICY=deny | POLICY=allow
|
|
---------------------------|-------------|------------
|
|
Match Allow only | allow | allow
|
|
Match Deny only | deny | deny
|
|
No match | deny | allow
|
|
Match Both Allow & Deny | deny | allow
|
|
|
|
=head1 FILES
|
|
|
|
/etc/default/pveproxy
|
|
|
|
=head1 COPYRIGHT AND DISCLAIMER
|
|
|
|
Copyright (C) 2007-2013 Proxmox Server Solutions GmbH
|
|
|
|
This program is free software: you can redistribute it and/or modify it
|
|
under the terms of the GNU Affero General Public License as published
|
|
by the Free Software Foundation, either version 3 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful, but
|
|
WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Affero General Public License for more details.
|
|
|
|
You should have received a copy of the GNU Affero General Public
|
|
License along with this program. If not, see
|
|
<http://www.gnu.org/licenses/>.
|
|
|