PVE/API2/Subscription.pm

   1 package PVE::API2::Subscription;
   2
   3 use strict;
   4 use warnings;
   5 use Digest::MD5 qw(md5_hex md5_base64);
   6 use MIME::Base64;
   7 use HTTP::Request;
   8 use LWP::UserAgent;
   9 use JSON;
  10
  11 use PVE::Tools;
  12 use PVE::ProcFSTools;
  13 use PVE::Exception qw(raise_param_exc);
  14 use PVE::INotify;
  15 use PVE::Cluster qw (cfs_read_file cfs_write_file);
  16 use PVE::AccessControl;
  17 use PVE::Storage;
  18 use PVE::JSONSchema qw(get_standard_option);
  19
  20 use PVE::SafeSyslog;
  21 use PVE::Subscription;
  22
  23 use PVE::API2Tools;
  24 use PVE::RESTHandler;
  25
  26 use base qw(PVE::RESTHandler);
  27
  28 PVE::INotify::register_file('subscription', "/etc/subscription",
  29                             \&read_etc_pve_subscription,
  30                             \&write_etc_pve_subscription);
  31
  32 my $subscription_pattern = 'pve([1248])([cbsp])-[0-9a-f]{10}';
  33
  34 sub get_sockets {
  35     my $info = PVE::ProcFSTools::read_cpuinfo();
  36     return $info->{sockets};
  37 }
  38
  39 sub parse_key {
  40     my ($key, $noerr) = @_;
  41
  42     if ($key =~ m/^${subscription_pattern}$/) {
  43         return wantarray ? ($1, $2) : $1; # number of sockets, level
  44     }
  45     return undef if $noerr;
  46
  47     die "Wrong subscription key format\n";
  48 }
  49
  50 sub check_key {
  51     my ($key, $req_sockets) = @_;
  52
  53     my ($sockets, $level) = parse_key($key);
  54     if ($sockets < $req_sockets) {
  55         die "wrong number of sockets ($sockets < $req_sockets)\n";
  56     }
  57     return ($sockets, $level);
  58 }
  59
  60 sub read_etc_pve_subscription {
  61     my ($filename, $fh) = @_;
  62
  63     my $req_sockets = get_sockets();
  64     my $server_id = PVE::API2Tools::get_hwaddress();
  65
  66     my $info = PVE::Subscription::read_subscription($server_id, $filename, $fh);
  67
  68     return $info if $info->{status} ne 'Active';
  69
  70     my ($sockets, $level);
  71     eval { ($sockets, $level) = check_key($info->{key}, $req_sockets); };
  72     if (my $err = $@) {
  73         chomp $err;
  74         $info->{status} = 'Invalid';
  75         $info->{message} = $err;
  76     } else {
  77         $info->{level} = $level;
  78     }
  79
  80     return $info;
  81 }
  82
  83 sub write_etc_pve_subscription {
  84     my ($filename, $fh, $info) = @_;
  85
  86     my $server_id = PVE::API2Tools::get_hwaddress();
  87     PVE::Subscription::write_subscription($server_id, $filename, $fh, $info);
  88 }
  89
  90 __PACKAGE__->register_method ({
  91     name => 'get',
  92     path => '',
  93     method => 'GET',
  94     description => "Read subscription info.",
  95     proxyto => 'node',
  96     permissions => { user => 'all' },
  97     parameters => {
  98         additionalProperties => 0,
  99         properties => {
 100             node => get_standard_option('pve-node'),
 101         },
 102     },
 103     returns => { type => 'object'},
 104     code => sub {
 105         my ($param) = @_;
 106
 107         my $node = $param->{node};
 108
 109         my $rpcenv = PVE::RPCEnvironment::get();
 110         my $authuser = $rpcenv->get_user();
 111         my $has_permission = PVE::AccessControl::check_permissions($authuser, "/nodes/$node", 'Sys.Audit');
 112
 113         my $server_id = PVE::API2Tools::get_hwaddress();
 114         my $url = "http://www.proxmox.com/products/proxmox-ve/subscription-service-plans";
 115
 116         my $info = PVE::INotify::read_file('subscription');
 117         if (!$info) {
 118             my $no_subscription_info = {
 119                 status => "NotFound",
 120                 message => "There is no subscription key",
 121                 url => $url,
 122             };
 123             $no_subscription_info->{serverid} = $server_id if $has_permission;
 124             return $no_subscription_info;
 125         }
 126
 127         if (!$has_permission) {
 128             return {
 129                 status => $info->{status},
 130                 message => $info->{message},
 131                 url => $url,
 132             }
 133         }
 134
 135         $info->{serverid} = $server_id;
 136         $info->{sockets} = get_sockets();
 137         $info->{url} = $url;
 138
 139         return $info
 140     }});
 141
 142 __PACKAGE__->register_method ({
 143     name => 'update',
 144     path => '',
 145     method => 'POST',
 146     permissions => {
 147         check => ['perm', '/nodes/{node}', [ 'Sys.Modify' ]],
 148     },
 149     description => "Update subscription info.",
 150     proxyto => 'node',
 151     protected => 1,
 152     parameters => {
 153         additionalProperties => 0,
 154         properties => {
 155             node => get_standard_option('pve-node'),
 156             force => {
 157                 description => "Always connect to server, even if we have up to date info inside local cache.",
 158                 type => 'boolean',
 159                 optional => 1,
 160                 default => 0
 161             }
 162         },
 163     },
 164     returns => { type => 'null'},
 165     code => sub {
 166         my ($param) = @_;
 167
 168         my $info = PVE::INotify::read_file('subscription');
 169         return undef if !$info;
 170
 171         my $server_id = PVE::API2Tools::get_hwaddress();
 172         my $key = $info->{key};
 173
 174         if ($key) {
 175             PVE::Subscription::update_apt_auth($key, $server_id);
 176         }
 177
 178         if (!$param->{force} && $info->{status} eq 'Active') {
 179             my $age = time() -  $info->{checktime};
 180             return undef if $age < $PVE::Subscription::localkeydays*60*60*24;
 181         }
 182
 183         my $req_sockets = get_sockets();
 184         check_key($key, $req_sockets);
 185
 186         my $dccfg = PVE::Cluster::cfs_read_file('datacenter.cfg');
 187         my $proxy = $dccfg->{http_proxy};
 188
 189         $info = PVE::Subscription::check_subscription($key, $server_id, $proxy);
 190
 191         PVE::INotify::write_file('subscription', $info);
 192
 193         return undef;
 194     }});
 195
 196 __PACKAGE__->register_method ({
 197     name => 'set',
 198     path => '',
 199     method => 'PUT',
 200     permissions => {
 201         check => ['perm', '/nodes/{node}', [ 'Sys.Modify' ]],
 202     },
 203     description => "Set subscription key.",
 204     proxyto => 'node',
 205     protected => 1,
 206     parameters => {
 207         additionalProperties => 0,
 208         properties => {
 209             node => get_standard_option('pve-node'),
 210             key => {
 211                 description => "Proxmox VE subscription key",
 212                 type => 'string',
 213                 pattern => $subscription_pattern,
 214                 maxLength => 32,
 215             },
 216         },
 217     },
 218     returns => { type => 'null'},
 219     code => sub {
 220         my ($param) = @_;
 221
 222         my $key = PVE::Tools::trim($param->{key});
 223
 224         my $info = {
 225             status => 'New',
 226             key => $key,
 227             checktime => time(),
 228         };
 229
 230         my $req_sockets = get_sockets();
 231         my $server_id = PVE::API2Tools::get_hwaddress();
 232
 233         check_key($key, $req_sockets);
 234
 235         PVE::INotify::write_file('subscription', $info);
 236
 237         my $dccfg = PVE::Cluster::cfs_read_file('datacenter.cfg');
 238         my $proxy = $dccfg->{http_proxy};
 239
 240         $info = PVE::Subscription::check_subscription($key, $server_id, $proxy);
 241
 242         PVE::INotify::write_file('subscription', $info);
 243
 244         return undef;
 245     }});
 246
 247 1;