]>
Commit | Line | Data |
---|---|---|
a2ca7137 | 1 | use proxmox_backup::configdir; |
4a7de56e | 2 | use proxmox_backup::buildcfg; |
e3f41f21 | 3 | use proxmox_backup::server; |
a690ecac | 4 | use proxmox_backup::tools::daemon; |
dc9a007b DM |
5 | use proxmox_backup::api_schema::router::*; |
6 | use proxmox_backup::api_schema::config::*; | |
02c7a755 | 7 | use proxmox_backup::server::rest::*; |
d01e2420 | 8 | use proxmox_backup::auth_helpers::*; |
02c7a755 | 9 | |
0d176f36 | 10 | use failure::*; |
e18a6c9e | 11 | use proxmox::tools::try_block; |
02c7a755 | 12 | |
e3f41f21 | 13 | use futures::*; |
02c7a755 | 14 | |
6d1f61b2 DM |
15 | use openssl::ssl::{SslMethod, SslAcceptor, SslFiletype}; |
16 | use std::sync::Arc; | |
6d1f61b2 | 17 | |
02c7a755 DM |
18 | use hyper; |
19 | ||
fda5797b WB |
20 | #[tokio::main] |
21 | async fn main() { | |
22 | if let Err(err) = run().await { | |
4223d9f8 DM |
23 | eprintln!("Error: {}", err); |
24 | std::process::exit(-1); | |
25 | } | |
26 | } | |
27 | ||
fda5797b | 28 | async fn run() -> Result<(), Error> { |
02c7a755 DM |
29 | if let Err(err) = syslog::init( |
30 | syslog::Facility::LOG_DAEMON, | |
31 | log::LevelFilter::Info, | |
32 | Some("proxmox-backup-proxy")) { | |
4223d9f8 | 33 | bail!("unable to inititialize syslog - {}", err); |
02c7a755 DM |
34 | } |
35 | ||
d01e2420 DM |
36 | let _ = public_auth_key(); // load with lazy_static |
37 | let _ = csrf_secret(); // load with lazy_static | |
38 | ||
02c7a755 | 39 | let mut config = ApiConfig::new( |
255f378a | 40 | buildcfg::JS_DIR, &proxmox_backup::api2::ROUTER, RpcEnvironmentType::PUBLIC); |
02c7a755 DM |
41 | |
42 | // add default dirs which includes jquery and bootstrap | |
43 | // my $base = '/usr/share/libpve-http-server-perl'; | |
44 | // add_dirs($self->{dirs}, '/css/' => "$base/css/"); | |
45 | // add_dirs($self->{dirs}, '/js/' => "$base/js/"); | |
46 | // add_dirs($self->{dirs}, '/fonts/' => "$base/fonts/"); | |
47 | config.add_alias("novnc", "/usr/share/novnc-pve"); | |
48 | config.add_alias("extjs", "/usr/share/javascript/extjs"); | |
49 | config.add_alias("fontawesome", "/usr/share/fonts-font-awesome"); | |
50 | config.add_alias("xtermjs", "/usr/share/pve-xtermjs"); | |
51 | config.add_alias("widgettoolkit", "/usr/share/javascript/proxmox-widget-toolkit"); | |
52 | ||
53 | let rest_server = RestServer::new(config); | |
54 | ||
6d1f61b2 DM |
55 | //openssl req -x509 -newkey rsa:4096 -keyout /etc/proxmox-backup/proxy.key -out /etc/proxmox-backup/proxy.pem -nodes |
56 | let key_path = configdir!("/proxy.key"); | |
57 | let cert_path = configdir!("/proxy.pem"); | |
58 | ||
59 | let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap(); | |
60 | acceptor.set_private_key_file(key_path, SslFiletype::PEM) | |
61 | .map_err(|err| format_err!("unable to read proxy key {} - {}", key_path, err))?; | |
62 | acceptor.set_certificate_chain_file(cert_path) | |
63 | .map_err(|err| format_err!("unable to read proxy cert {} - {}", cert_path, err))?; | |
64 | acceptor.check_private_key().unwrap(); | |
65 | ||
66 | let acceptor = Arc::new(acceptor.build()); | |
0d176f36 | 67 | |
a690ecac WB |
68 | let server = daemon::create_daemon( |
69 | ([0,0,0,0,0,0,0,0], 8007).into(), | |
083ff3fd | 70 | |listener, ready| { |
a690ecac WB |
71 | let connections = listener |
72 | .incoming() | |
73 | .map_err(Error::from) | |
fda5797b WB |
74 | .try_filter_map(move |sock| { |
75 | let acceptor = Arc::clone(&acceptor); | |
76 | async move { | |
77 | sock.set_nodelay(true).unwrap(); | |
78 | sock.set_send_buffer_size(1024*1024).unwrap(); | |
79 | sock.set_recv_buffer_size(1024*1024).unwrap(); | |
80 | Ok(tokio_openssl::accept(&acceptor, sock) | |
81 | .await | |
82 | .ok() // handshake errors aren't be fatal, so return None to filter | |
83 | ) | |
a690ecac | 84 | } |
a690ecac | 85 | }); |
083ff3fd WB |
86 | |
87 | Ok(ready | |
88 | .and_then(|_| hyper::Server::builder(connections) | |
89 | .serve(rest_server) | |
90 | .with_graceful_shutdown(server::shutdown_future()) | |
91 | .map_err(Error::from) | |
92 | ) | |
93 | .map_err(|err| eprintln!("server error: {}", err)) | |
94 | .map(|_| ()) | |
a690ecac | 95 | ) |
a2ca7137 | 96 | }, |
083ff3fd | 97 | ); |
a2ca7137 | 98 | |
d98c9a7a WB |
99 | daemon::systemd_notify(daemon::SystemdNotify::Ready)?; |
100 | ||
fda5797b WB |
101 | let init_result: Result<(), Error> = try_block!({ |
102 | server::create_task_control_socket()?; | |
103 | server::server_state_init()?; | |
104 | Ok(()) | |
105 | }); | |
d607b886 | 106 | |
fda5797b WB |
107 | if let Err(err) = init_result { |
108 | bail!("unable to start daemon - {}", err); | |
109 | } | |
e3f41f21 | 110 | |
083ff3fd | 111 | server.await?; |
fda5797b | 112 | log::info!("done - exit server"); |
e3f41f21 | 113 | |
4223d9f8 | 114 | Ok(()) |
02c7a755 | 115 | } |