6 use openssl
::ssl
::{SslMethod, SslAcceptor, SslFiletype}
;
8 use proxmox
::tools
::try_block
;
9 use proxmox
::api
::RpcEnvironmentType
;
11 use proxmox_backup
::configdir
;
12 use proxmox_backup
::buildcfg
;
13 use proxmox_backup
::server
;
14 use proxmox_backup
::config
;
15 use proxmox_backup
::tools
::daemon
;
16 use proxmox_backup
::server
::{ApiConfig, rest::*}
;
17 use proxmox_backup
::auth_helpers
::*;
21 if let Err(err
) = run().await
{
22 eprintln
!("Error: {}", err
);
23 std
::process
::exit(-1);
27 async
fn run() -> Result
<(), Error
> {
28 if let Err(err
) = syslog
::init(
29 syslog
::Facility
::LOG_DAEMON
,
30 log
::LevelFilter
::Info
,
31 Some("proxmox-backup-proxy")) {
32 bail
!("unable to inititialize syslog - {}", err
);
// Runs before the TLS acceptor is built from the proxy key/cert files.
// NOTE(review): `false` presumably means "do not force regeneration" - confirm against
// config::update_self_signed_cert.
config::update_self_signed_cert(false)?;

// Evaluate both accessors once during startup. Per the original note they are backed by
// lazy_static, so this forces the load here instead of on the first request that needs them.
let _ = public_auth_key();
let _ = csrf_secret();
// API configuration for the proxy: JS directory, the api2 router, PUBLIC RPC environment.
let mut api_config = ApiConfig::new(
    buildcfg::JS_DIR,
    &proxmox_backup::api2::ROUTER,
    RpcEnvironmentType::PUBLIC,
);

// Reference lines kept from the original (Perl-style) default-dir setup:
// add default dirs which includes jquery and bootstrap
// my $base = '/usr/share/libpve-http-server-perl';
// add_dirs($self->{dirs}, '/css/' => "$base/css/");
// add_dirs($self->{dirs}, '/js/' => "$base/js/");
// add_dirs($self->{dirs}, '/fonts/' => "$base/fonts/");

// Each entry registers an alias name together with a directory on the local file system.
// NOTE(review): presumably these become static-file prefixes of the public server; path
// normalisation and access checks happen in the REST server, which is not visible here.
for (alias, dir) in [
    ("novnc", "/usr/share/novnc-pve"),
    ("extjs", "/usr/share/javascript/extjs"),
    ("fontawesome", "/usr/share/fonts-font-awesome"),
    ("xtermjs", "/usr/share/pve-xtermjs"),
    ("widgettoolkit", "/usr/share/javascript/proxmox-widget-toolkit"),
    ("css", "/usr/share/javascript/proxmox-backup/css"),
    ("docs", "/usr/share/doc/proxmox-backup/html"),
]
.iter()
.copied()
{
    api_config.add_alias(alias, dir);
}

// The finished configuration is moved into the REST server.
let rest_server = RestServer::new(api_config);
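// Build the TLS acceptor from the proxy's PEM key and certificate chain.
//
// A matching pair can be generated with, for example:
//   openssl req -x509 -newkey rsa:4096 -keyout /etc/proxmox-backup/proxy.key -out /etc/proxmox-backup/proxy.pem -nodes
// `-nodes` leaves the private key unencrypted on disk, so file ownership and mode are the
// only protection for proxy.key.
// NOTE(review): confirm they restrict the key to the user the proxy runs as.
let key_path = configdir!("/proxy.key");
let cert_path = configdir!("/proxy.pem");

// Start from the openssl crate's Mozilla "intermediate" server profile. Every failure in
// this setup is returned through the function's Result; nothing here panics.
let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls())
    .map_err(|err| format_err!("unable to create TLS acceptor - {}", err))?;
acceptor
    .set_private_key_file(key_path, SslFiletype::PEM)
    .map_err(|err| format_err!("unable to read proxy key {} - {}", key_path, err))?;
acceptor
    .set_certificate_chain_file(cert_path)
    .map_err(|err| format_err!("unable to read proxy cert {} - {}", cert_path, err))?;
// A key that does not belong to the certificate is a configuration error: report it the
// same way as the two loads above instead of unwrapping.
acceptor.check_private_key().map_err(|err| {
    format_err!(
        "proxy key {} does not match proxy cert {} - {}",
        key_path,
        cert_path,
        err
    )
})?;

// Wrapped in an Arc so the accept path can clone the handle for each connection.
let acceptor = Arc::new(acceptor.build());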
71 let server
= daemon
::create_daemon(
72 ([0,0,0,0,0,0,0,0], 8007).into(),
74 let connections
= proxmox_backup
::tools
::async_io
::StaticIncoming
::from(listener
)
76 .try_filter_map(move |(sock
, _addr
)| {
77 let acceptor
= Arc
::clone(&acceptor
);
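// Per-connection socket tuning is best-effort. This runs for every accepted client, so a
// failing setsockopt (for example on a connection the peer has already torn down) must not
// panic inside the accept path; log it and continue. A socket that is really unusable then
// fails the TLS accept that follows, and that result is filtered out.
if let Err(err) = sock.set_nodelay(true) {
    log::warn!("unable to set TCP_NODELAY on client socket - {}", err);
}
if let Err(err) = sock.set_send_buffer_size(1024 * 1024) {
    log::warn!("unable to set send buffer size on client socket - {}", err);
}
if let Err(err) = sock.set_recv_buffer_size(1024 * 1024) {
    log::warn!("unable to set receive buffer size on client socket - {}", err);
}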
82 Ok(tokio_openssl
::accept(&acceptor
, sock
)
84 .ok() // handshake errors aren't be fatal, so return None to filter
88 let connections
= proxmox_backup
::tools
::async_io
::HyperAccept(connections
);
91 .and_then(|_
| hyper
::Server
::builder(connections
)
93 .with_graceful_shutdown(server
::shutdown_future())
96 .map_err(|err
| eprintln
!("server error: {}", err
))
// Tell systemd the service is ready; a failure is returned to the caller.
// NOTE(review): this is sent before create_task_control_socket() and server_state_init()
// run in the statements that follow - confirm that ordering is intended.
daemon::systemd_notify(daemon::SystemdNotify::Ready)?;
104 let init_result
: Result
<(), Error
> = try_block
!({
105 server
::create_task_control_socket()?
;
106 server
::server_state_init()?
;
110 if let Err(err
) = init_result
{
111 bail
!("unable to start daemon - {}", err
);
115 log
::info
!("done - exit server");