[proxmox-backup.git] / src / bin / proxmox-backup-proxy.rs

use proxmox_backup::configdir;
use proxmox_backup::buildcfg;
use proxmox_backup::server;
use proxmox_backup::tools::daemon;
use proxmox_backup::api_schema::router::*;
use proxmox_backup::api_schema::config::*;
use proxmox_backup::server::rest::*;
use proxmox_backup::auth_helpers::*;

use failure::*;
use proxmox::tools::try_block;

use futures::*;

use openssl::ssl::{SslMethod, SslAcceptor, SslFiletype};
use std::sync::Arc;

use hyper;

#[tokio::main]
async fn main() {
    if let Err(err) = run().await {
        eprintln!("Error: {}", err);
        std::process::exit(-1);
    }
}

async fn run() -> Result<(), Error> {
    if let Err(err) = syslog::init(
        syslog::Facility::LOG_DAEMON,
        log::LevelFilter::Info,
        Some("proxmox-backup-proxy")) {
        bail!("unable to inititialize syslog - {}", err);
    }

    let _ = public_auth_key(); // load with lazy_static
    let _ = csrf_secret(); // load with lazy_static

    let mut config = ApiConfig::new(
        buildcfg::JS_DIR, &proxmox_backup::api2::ROUTER, RpcEnvironmentType::PUBLIC);

    // add default dirs which includes jquery and bootstrap
    // my $base = '/usr/share/libpve-http-server-perl';
    // add_dirs($self->{dirs}, '/css/' => "$base/css/");
    // add_dirs($self->{dirs}, '/js/' => "$base/js/");
    // add_dirs($self->{dirs}, '/fonts/' => "$base/fonts/");
    config.add_alias("novnc", "/usr/share/novnc-pve");
    config.add_alias("extjs", "/usr/share/javascript/extjs");
    config.add_alias("fontawesome", "/usr/share/fonts-font-awesome");
    config.add_alias("xtermjs", "/usr/share/pve-xtermjs");
    config.add_alias("widgettoolkit", "/usr/share/javascript/proxmox-widget-toolkit");

    let rest_server = RestServer::new(config);

    //openssl req -x509 -newkey rsa:4096 -keyout /etc/proxmox-backup/proxy.key -out /etc/proxmox-backup/proxy.pem -nodes
    let key_path = configdir!("/proxy.key");
    let cert_path = configdir!("/proxy.pem");

    let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap();
    acceptor.set_private_key_file(key_path, SslFiletype::PEM)
        .map_err(|err| format_err!("unable to read proxy key {} - {}", key_path, err))?;
    acceptor.set_certificate_chain_file(cert_path)
        .map_err(|err| format_err!("unable to read proxy cert {} - {}", cert_path, err))?;
    acceptor.check_private_key().unwrap();

    let acceptor = Arc::new(acceptor.build());

    let server = daemon::create_daemon(
        ([0,0,0,0,0,0,0,0], 8007).into(),
        |listener, ready| {
            let connections = listener
                .incoming()
                .map_err(Error::from)
                .try_filter_map(move |sock| {
                    let acceptor = Arc::clone(&acceptor);
                    async move {
                        sock.set_nodelay(true).unwrap();
                        sock.set_send_buffer_size(1024*1024).unwrap();
                        sock.set_recv_buffer_size(1024*1024).unwrap();
                        Ok(tokio_openssl::accept(&acceptor, sock)
                            .await
                            .ok() // handshake errors aren't be fatal, so return None to filter
                        )
                    }
                });

            Ok(ready
                .and_then(|_| hyper::Server::builder(connections)
                    .serve(rest_server)
                    .with_graceful_shutdown(server::shutdown_future())
                    .map_err(Error::from)
                )
                .map_err(|err| eprintln!("server error: {}", err))
                .map(|_| ())
            )
        },
    );

    daemon::systemd_notify(daemon::SystemdNotify::Ready)?;

    let init_result: Result<(), Error> = try_block!({
        server::create_task_control_socket()?;
        server::server_state_init()?;
        Ok(())
    });

    if let Err(err) = init_result {
        bail!("unable to start daemon - {}", err);
    }

    server.await?;
    log::info!("done - exit server");

    Ok(())
}
Commit	Line	Data
a2ca7137	1	use proxmox_backup::configdir;
4a7de56e	2	use proxmox_backup::buildcfg;
e3f41f21	3	use proxmox_backup::server;
a690ecac	4	use proxmox_backup::tools::daemon;
dc9a007b DM	5	use proxmox_backup::api_schema::router::*;
dc9a007b DM	6	use proxmox_backup::api_schema::config::*;
02c7a755	7	use proxmox_backup::server::rest::*;
d01e2420	8	use proxmox_backup::auth_helpers::*;
02c7a755	9
0d176f36	10	use failure::*;
e18a6c9e	11	use proxmox::tools::try_block;
02c7a755	12
e3f41f21	13	use futures::*;
02c7a755	14
6d1f61b2 DM	15	use openssl::ssl::{SslMethod, SslAcceptor, SslFiletype};
6d1f61b2 DM	16	use std::sync::Arc;
6d1f61b2	17
02c7a755 DM	18	use hyper;
02c7a755 DM	19
fda5797b WB	20	#[tokio::main]
	21	async fn main() {
	22	if let Err(err) = run().await {
4223d9f8 DM	23	eprintln!("Error: {}", err);
	24	std::process::exit(-1);
	25	}
	26	}
	27
fda5797b	28	async fn run() -> Result<(), Error> {
02c7a755 DM	29	if let Err(err) = syslog::init(
	30	syslog::Facility::LOG_DAEMON,
	31	log::LevelFilter::Info,
	32	Some("proxmox-backup-proxy")) {
4223d9f8	33	bail!("unable to inititialize syslog - {}", err);
02c7a755 DM	34	}
02c7a755 DM	35
d01e2420 DM	36	let _ = public_auth_key(); // load with lazy_static
	37	let _ = csrf_secret(); // load with lazy_static
	38
02c7a755	39	let mut config = ApiConfig::new(
255f378a	40	buildcfg::JS_DIR, &proxmox_backup::api2::ROUTER, RpcEnvironmentType::PUBLIC);
02c7a755 DM	41
	42	// add default dirs which includes jquery and bootstrap
	43	// my $base = '/usr/share/libpve-http-server-perl';
	44	// add_dirs($self->{dirs}, '/css/' => "$base/css/");
	45	// add_dirs($self->{dirs}, '/js/' => "$base/js/");
	46	// add_dirs($self->{dirs}, '/fonts/' => "$base/fonts/");
	47	config.add_alias("novnc", "/usr/share/novnc-pve");
	48	config.add_alias("extjs", "/usr/share/javascript/extjs");
	49	config.add_alias("fontawesome", "/usr/share/fonts-font-awesome");
	50	config.add_alias("xtermjs", "/usr/share/pve-xtermjs");
	51	config.add_alias("widgettoolkit", "/usr/share/javascript/proxmox-widget-toolkit");
	52
	53	let rest_server = RestServer::new(config);
	54
6d1f61b2 DM	55	//openssl req -x509 -newkey rsa:4096 -keyout /etc/proxmox-backup/proxy.key -out /etc/proxmox-backup/proxy.pem -nodes
	56	let key_path = configdir!("/proxy.key");
	57	let cert_path = configdir!("/proxy.pem");
	58
	59	let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap();
	60	acceptor.set_private_key_file(key_path, SslFiletype::PEM)
	61	.map_err(\|err\| format_err!("unable to read proxy key {} - {}", key_path, err))?;
	62	acceptor.set_certificate_chain_file(cert_path)
	63	.map_err(\|err\| format_err!("unable to read proxy cert {} - {}", cert_path, err))?;
	64	acceptor.check_private_key().unwrap();
	65
	66	let acceptor = Arc::new(acceptor.build());
0d176f36	67
a690ecac WB	68	let server = daemon::create_daemon(
a690ecac WB	69	([0,0,0,0,0,0,0,0], 8007).into(),
083ff3fd	70	\|listener, ready\| {
a690ecac WB	71	let connections = listener
	72	.incoming()
	73	.map_err(Error::from)
fda5797b WB	74	.try_filter_map(move \|sock\| {
	75	let acceptor = Arc::clone(&acceptor);
	76	async move {
	77	sock.set_nodelay(true).unwrap();
	78	sock.set_send_buffer_size(1024*1024).unwrap();
	79	sock.set_recv_buffer_size(1024*1024).unwrap();
	80	Ok(tokio_openssl::accept(&acceptor, sock)
	81	.await
	82	.ok() // handshake errors aren't be fatal, so return None to filter
	83	)
a690ecac	84	}
a690ecac	85	});
083ff3fd WB	86
	87	Ok(ready
	88	.and_then(\|_\| hyper::Server::builder(connections)
	89	.serve(rest_server)
	90	.with_graceful_shutdown(server::shutdown_future())
	91	.map_err(Error::from)
	92	)
	93	.map_err(\|err\| eprintln!("server error: {}", err))
	94	.map(\|_\| ())
a690ecac	95	)
a2ca7137	96	},
083ff3fd	97	);
a2ca7137	98
d98c9a7a WB	99	daemon::systemd_notify(daemon::SystemdNotify::Ready)?;
d98c9a7a WB	100
fda5797b WB	101	let init_result: Result<(), Error> = try_block!({
	102	server::create_task_control_socket()?;
	103	server::server_state_init()?;
	104	Ok(())
	105	});
d607b886	106
fda5797b WB	107	if let Err(err) = init_result {
	108	bail!("unable to start daemon - {}", err);
	109	}
e3f41f21	110
083ff3fd	111	server.await?;
fda5797b	112	log::info!("done - exit server");
e3f41f21	113
4223d9f8	114	Ok(())
02c7a755	115	}