acme-api: use replace_secret_config to write acme config files

Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
This commit is contained in:
Dietmar Maurer 2024-06-04 13:14:20 +02:00
parent ccbef4be87
commit 10f32d4312
2 changed files with 4 additions and 9 deletions

View File

@ -9,7 +9,7 @@ use anyhow::{bail, format_err, Error};
use serde::{Deserialize, Serialize};
use proxmox_sys::error::SysError;
use proxmox_sys::fs::{replace_file, CreateOptions};
use proxmox_product_config::replace_secret_config;
use proxmox_schema::api_types::SAFE_ID_REGEX;
@ -208,13 +208,8 @@ pub(crate) fn save_account_config(
)
})?;
replace_file(
replace_secret_config(
account_config_filename,
&data,
CreateOptions::new()
.perm(nix::sys::stat::Mode::from_bits_truncate(0o600))
.owner(nix::unistd::ROOT)
.group(nix::unistd::Gid::from_raw(0)),
true,
)
}

View File

@ -7,7 +7,7 @@ use serde_json::Value;
use proxmox_schema::{ApiType, Schema};
use proxmox_section_config::{SectionConfig, SectionConfigData, SectionConfigPlugin};
use proxmox_config_digest::ConfigDigest;
use proxmox_product_config::{ApiLockGuard, open_api_lockfile, replace_config};
use proxmox_product_config::{ApiLockGuard, open_api_lockfile, replace_secret_config};
use crate::types::{DnsPlugin, StandalonePlugin, PLUGIN_ID_SCHEMA};
@ -80,7 +80,7 @@ pub(crate) fn save_plugin_config(config: &PluginData) -> Result<(), Error> {
let plugin_cfg_filename = crate::plugin_cfg_filename();
let raw = CONFIG.write(&plugin_cfg_filename, &config.data)?;
replace_config(plugin_cfg_filename, raw.as_bytes())
replace_secret_config(plugin_cfg_filename, raw.as_bytes())
}
pub(crate) struct PluginData {