]>
git.proxmox.com Git - pve-manager.git/blob - PVE/NodeConfig.pm
1 package PVE
::NodeConfig
;
7 use PVE
::JSONSchema
qw(get_standard_option);
8 use PVE
::Tools
qw(file_get_contents file_set_contents lock_file);
11 use PVE
::API2
::ACMEPlugin
;
13 # register up to 5 domain names per node for now
16 my $node_config_lock = '/var/lock/pvenode.lock';
18 PVE
::JSONSchema
::register_format
('pve-acme-domain', sub {
19 my ($domain, $noerr) = @_;
21 my $label = qr/[a-z0-9][a-z0-9_-]*/i;
23 return $domain if $domain =~ /^$label(?:\.$label)+$/;
24 return undef if $noerr;
25 die "value '$domain' does not look like a valid domain name!\n";
28 PVE
::JSONSchema
::register_format
('pve-acme-alias', sub {
29 my ($domain, $noerr) = @_;
31 my $label = qr/[a-z0-9_][a-z0-9_-]*/i;
33 return $domain if $domain =~ /^$label(?:\.$label)+$/;
34 return undef if $noerr;
35 die "value '$domain' does not look like a valid domain name!\n";
41 return "/etc/pve/nodes/${node}/config";
47 my $filename = config_file
($node);
48 my $raw = eval { PVE
::Tools
::file_get_contents
($filename); };
51 return parse_node_config
($raw);
55 my ($node, $conf) = @_;
57 my $filename = config_file
($node);
59 my $raw = write_node_config
($conf);
61 PVE
::Tools
::file_set_contents
($filename, $raw);
65 my ($node, $realcode, @param) = @_;
67 # make sure configuration file is up-to-date
69 PVE
::Cluster
::cfs_update
();
73 my $res = lock_file
($node_config_lock, 10, $code, @param);
83 description
=> 'Node description/comment.',
88 description
=> 'MAC address for wake on LAN',
92 'startall-onboot-delay' => {
93 description
=> 'Initial delay in seconds, before starting all the Virtual Guests with on-boot enabled.',
102 my $acme_domain_desc = {
105 format
=> 'pve-acme-domain',
106 format_description
=> 'domain',
107 description
=> 'domain for this node\'s ACME certificate',
112 format
=> 'pve-configid',
113 description
=> 'The ACME plugin ID',
114 format_description
=> 'name of the plugin configuration',
116 default => 'standalone',
120 format
=> 'pve-acme-alias',
121 format_description
=> 'domain',
122 description
=> 'Alias for the Domain to verify ACME Challenge over DNS',
128 account
=> get_standard_option
('pve-acme-account-name'),
131 format
=> 'pve-acme-domain-list',
132 format_description
=> 'domain[;domain;...]',
133 description
=> 'List of domains for this node\'s ACME certificate',
138 $confdesc->{acme
} = {
140 description
=> 'Node specific ACME settings.',
145 for my $i (0..$MAXDOMAINS) {
146 $confdesc->{"acmedomain$i"} = {
148 description
=> 'ACME domain and validation plugin',
149 format
=> $acme_domain_desc,
155 my ($key, $value) = @_;
157 die "unknown setting '$key'\n" if !$confdesc->{$key};
159 my $type = $confdesc->{$key}->{type
};
161 if (!defined($value)) {
162 die "got undefined value\n";
165 if ($value =~ m/[\n\r]/) {
166 die "property contains a line feed\n";
169 if ($type eq 'boolean') {
170 return 1 if ($value eq '1') || ($value =~ m/^(on|yes|true)$/i);
171 return 0 if ($value eq '0') || ($value =~ m/^(off|no|false)$/i);
172 die "type check ('boolean') failed - got '$value'\n";
173 } elsif ($type eq 'integer') {
174 return int($1) if $value =~ m/^(\d+)$/;
175 die "type check ('integer') failed - got '$value'\n";
176 } elsif ($type eq 'number') {
177 return $value if $value =~ m/^(\d+)(\.\d+)?$/;
178 die "type check ('number') failed - got '$value'\n";
179 } elsif ($type eq 'string') {
180 if (my $fmt = $confdesc->{$key}->{format
}) {
181 PVE
::JSONSchema
::check_format
($fmt, $value);
183 } elsif (my $pattern = $confdesc->{$key}->{pattern
}) {
184 if ($value !~ m/^$pattern$/) {
185 die "value does not match the regex pattern\n";
194 sub parse_node_config
{
197 return undef if !defined($content);
200 digest
=> Digest
::SHA
::sha1_hex
($content),
204 my @lines = split(/\n/, $content);
205 foreach my $line (@lines) {
206 if ($line =~ /^\#(.*)\s*$/ || $line =~ /^description:\s*(.*\S)\s*$/) {
207 $descr .= PVE
::Tools
::decode_text
($1) . "\n";
210 if ($line =~ /^([a-z][a-z-_]*\d*):\s*(\S.*)\s*$/) {
213 $value = eval { check_type
($key, $value) };
214 die "cannot parse value of '$key' in node config: $@" if $@;
215 $conf->{$key} = $value;
217 warn "cannot parse line '$line' in node config\n";
221 $conf->{description
} = $descr if $descr;
226 sub write_node_config
{
230 # add description as comment to top of file
231 my $descr = $conf->{description
} || '';
232 foreach my $cl (split(/\n/, $descr)) {
233 $raw .= '#' . PVE
::Tools
::encode_text
($cl) . "\n";
236 for my $key (sort keys %$conf) {
237 next if ($key eq 'description');
238 next if ($key eq 'digest');
240 my $value = $conf->{$key};
241 die "detected invalid newline inside property '$key'\n"
243 $raw .= "$key: $value\n";
249 # we always convert domain values to lower case, since DNS entries are not case
250 # sensitive and ACME implementations might convert the ordered identifiers
253 my ($node_conf, $noerr) = @_;
258 if (defined($node_conf->{acme
})) {
260 PVE
::JSONSchema
::parse_property_string
($acmedesc, $node_conf->{acme
})
263 return undef if $noerr;
266 my $standalone_domains = delete($res->{domains
}) // '';
267 $res->{domains
} = {};
268 for my $domain (split(";", $standalone_domains)) {
269 $domain = lc($domain);
270 die "duplicate domain '$domain' in ACME config properties\n"
271 if defined($res->{domains
}->{$domain});
273 $res->{domains
}->{$domain}->{plugin
} = 'standalone';
274 $res->{domains
}->{$domain}->{_configkey
} = 'acme';
278 $res->{account
} //= 'default';
280 for my $index (0..$MAXDOMAINS) {
281 my $domain_rec = $node_conf->{"acmedomain$index"};
282 next if !defined($domain_rec);
285 PVE
::JSONSchema
::parse_property_string
($acme_domain_desc, $domain_rec)
288 return undef if $noerr;
291 my $domain = lc(delete $parsed->{domain
});
292 if (my $exists = $res->{domains
}->{$domain}) {
293 return undef if $noerr;
294 die "duplicate domain '$domain' in ACME config properties"
295 ." 'acmedomain$index' and '$exists->{_configkey}'\n";
297 $parsed->{plugin
} //= 'standalone';
299 my $plugin_id = $parsed->{plugin
};
300 if ($plugin_id ne 'standalone') {
301 my $plugins = PVE
::API2
::ACMEPlugin
::load_config
();
302 die "plugin '$plugin_id' for domain '$domain' not found!\n"
303 if !$plugins->{ids
}->{$plugin_id};
306 $parsed->{_configkey
} = "acmedomain$index";
307 $res->{domains
}->{$domain} = $parsed;
313 # expects that basic format verification was already done, this is more higher
316 my ($node_conf) = @_;
318 # verify ACME domain uniqueness
319 my $tmp = get_acme_conf
($node_conf);
326 sub get_nodeconfig_schema
{