]> git.proxmox.com Git - pve-manager.git/blob - PVE/API2/Subscription.pm
projects / pve-manager.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
pve7to8: Add check for dkms modules
[pve-manager.git] / PVE / API2 / Subscription.pm
1 package PVE::API2::Subscription;
2
3 use strict;
4 use warnings;
5 use Digest::MD5 qw(md5_hex md5_base64);
6 use MIME::Base64;
7 use HTTP::Request;
8 use LWP::UserAgent;
9 use JSON;
10
11 use Proxmox::RS::Subscription;
12
13 use PVE::Tools;
14 use PVE::ProcFSTools;
15 use PVE::Exception qw(raise_param_exc);
16 use PVE::INotify;
17 use PVE::Cluster qw (cfs_read_file cfs_write_file);
18 use PVE::DataCenterConfig;
19 use PVE::AccessControl;
20 use PVE::Storage;
21 use PVE::JSONSchema qw(get_standard_option);
22
23 use PVE::SafeSyslog;
24
25 use PVE::API2Tools;
26 use PVE::RESTHandler;
27
28 use base qw(PVE::RESTHandler);
29
30 my $subscription_pattern = 'pve([1248])([cbsp])-[0-9a-f]{10}';
31 my $filename = "/etc/subscription";
32
33 sub get_sockets {
34 my $info = PVE::ProcFSTools::read_cpuinfo();
35 return $info->{sockets};
36 }
37
38 sub parse_key {
39 my ($key, $noerr) = @_;
40
41 if ($key =~ m/^${subscription_pattern}$/) {
42 return wantarray ? ($1, $2) : $1; # number of sockets, level
43 }
44 return undef if $noerr;
45
46 die "Wrong subscription key format\n";
47 }
48
49 sub check_key {
50 my ($key, $req_sockets) = @_;
51
52 my ($sockets, $level) = parse_key($key);
53 if ($sockets < $req_sockets) {
54 die "wrong number of sockets ($sockets < $req_sockets)\n";
55 }
56 return ($sockets, $level);
57 }
58
59 sub read_etc_subscription {
60 my $req_sockets = get_sockets();
61 my $server_id = PVE::API2Tools::get_hwaddress();
62
63 my $info = Proxmox::RS::Subscription::read_subscription($filename);
64
65 return $info if !$info || $info->{status} ne 'active';
66
67 my ($sockets, $level);
68 eval { ($sockets, $level) = check_key($info->{key}, $req_sockets); };
69 if (my $err = $@) {
70 chomp $err;
71 $info->{status} = 'invalid';
72 $info->{message} = $err;
73 } else {
74 $info->{level} = $level;
75 }
76
77 return $info;
78 }
79
80 sub write_etc_subscription {
81 my ($info) = @_;
82
83 my $server_id = PVE::API2Tools::get_hwaddress();
84 mkdir "/etc/apt/auth.conf.d";
85 Proxmox::RS::Subscription::write_subscription($filename, "/etc/apt/auth.conf.d/pve.conf", "enterprise.proxmox.com/debian/pve", $info);
86
87 # NOTE: preparation for easier upgrade to Proxmox VE 8, which introduced the ceph enterprise repo
88 my $ceph_auth = '';
89 for my $ceph_release ('quincy', 'reef') {
90 $ceph_auth .= "machine enterprise.proxmox.com/debian/ceph-${ceph_release}"
91 ." login $info->{key} password $info->{serverid}\n"
92 }
93 PVE::Tools::file_set_contents("/etc/apt/auth.conf.d/ceph.conf", $ceph_auth);
94 }
95
96 __PACKAGE__->register_method ({
97 name => 'get',
98 path => '',
99 method => 'GET',
100 description => "Read subscription info.",
101 proxyto => 'node',
102 permissions => { user => 'all' },
103 parameters => {
104 additionalProperties => 0,
105 properties => {
106 node => get_standard_option('pve-node'),
107 },
108 },
109 returns => { type => 'object'},
110 code => sub {
111 my ($param) = @_;
112
113 my $node = $param->{node};
114
115 my $rpcenv = PVE::RPCEnvironment::get();
116 my $authuser = $rpcenv->get_user();
117 my $has_permission = $rpcenv->check($authuser, "/nodes/$node", ['Sys.Audit'], 1);
118
119 my $server_id = PVE::API2Tools::get_hwaddress();
120 my $url = "https://www.proxmox.com/proxmox-ve/pricing";
121
122 my $info = read_etc_subscription();
123 if (!$info) {
124 my $no_subscription_info = {
125 status => "notfound",
126 message => "There is no subscription key",
127 url => $url,
128 };
129 $no_subscription_info->{serverid} = $server_id if $has_permission;
130 return $no_subscription_info;
131 }
132
133 if (!$has_permission) {
134 return {
135 status => $info->{status},
136 message => $info->{message},
137 url => $url,
138 }
139 }
140
141 $info->{serverid} = $server_id;
142 $info->{sockets} = get_sockets();
143 $info->{url} = $url;
144
145 return $info
146 }});
147
148 __PACKAGE__->register_method ({
149 name => 'update',
150 path => '',
151 method => 'POST',
152 permissions => {
153 check => ['perm', '/nodes/{node}', [ 'Sys.Modify' ]],
154 },
155 description => "Update subscription info.",
156 proxyto => 'node',
157 protected => 1,
158 parameters => {
159 additionalProperties => 0,
160 properties => {
161 node => get_standard_option('pve-node'),
162 force => {
163 description => "Always connect to server, even if we have up to date info inside local cache.",
164 type => 'boolean',
165 optional => 1,
166 default => 0
167 }
168 },
169 },
170 returns => { type => 'null'},
171 code => sub {
172 my ($param) = @_;
173
174 my $info = read_etc_subscription();
175 return undef if !$info;
176
177 my $server_id = PVE::API2Tools::get_hwaddress();
178 my $key = $info->{key};
179
180 die "Updating offline key not possible - please remove and re-add subscription key to switch to online key.\n"
181 if $info->{signature};
182
183 # key has been recently checked
184 return undef
185 if !$param->{force}
186 && $info->{status} eq 'active'
187 && Proxmox::RS::Subscription::check_age($info, 1)->{status} eq 'active';
188
189 my $req_sockets = get_sockets();
190 check_key($key, $req_sockets);
191
192 my $dccfg = PVE::Cluster::cfs_read_file('datacenter.cfg');
193 my $proxy = $dccfg->{http_proxy};
194
195 $info = Proxmox::RS::Subscription::check_subscription($key, $server_id, "", "Proxmox VE", $proxy);
196
197 write_etc_subscription($info);
198
199 return undef;
200 }});
201
202 __PACKAGE__->register_method ({
203 name => 'set',
204 path => '',
205 method => 'PUT',
206 permissions => {
207 check => ['perm', '/nodes/{node}', [ 'Sys.Modify' ]],
208 },
209 description => "Set subscription key.",
210 proxyto => 'node',
211 protected => 1,
212 parameters => {
213 additionalProperties => 0,
214 properties => {
215 node => get_standard_option('pve-node'),
216 key => {
217 description => "Proxmox VE subscription key",
218 type => 'string',
219 pattern => $subscription_pattern,
220 maxLength => 32,
221 },
222 },
223 },
224 returns => { type => 'null'},
225 code => sub {
226 my ($param) = @_;
227
228 my $key = PVE::Tools::trim($param->{key});
229
230 my $info = {
231 status => 'New',
232 key => $key,
233 checktime => time(),
234 };
235
236 my $req_sockets = get_sockets();
237 my $server_id = PVE::API2Tools::get_hwaddress();
238
239 check_key($key, $req_sockets);
240
241 write_etc_subscription($info);
242
243 my $dccfg = PVE::Cluster::cfs_read_file('datacenter.cfg');
244 my $proxy = $dccfg->{http_proxy};
245
246 $info = Proxmox::RS::Subscription::check_subscription($key, $server_id, "", "Proxmox VE", $proxy);
247
248 write_etc_subscription($info);
249
250 return undef;
251 }});
252
253 __PACKAGE__->register_method ({
254 name => 'delete',
255 path => '',
256 method => 'DELETE',
257 permissions => {
258 check => ['perm', '/nodes/{node}', [ 'Sys.Modify' ]],
259 },
260 description => "Delete subscription key of this node.",
261 proxyto => 'node',
262 protected => 1,
263 parameters => {
264 additionalProperties => 0,
265 properties => {
266 node => get_standard_option('pve-node'),
267 },
268 },
269 returns => { type => 'null'},
270 code => sub {
271 my $subscription_file = '/etc/subscription';
272 return if ! -e $subscription_file;
273 unlink($subscription_file) or die "cannot delete subscription key: $!";
274 return undef;
275 }});
276
277 1;
The Proxmox VE Management API and Web UI