1 use proxmox_backup
::configdir
;
2 use proxmox_backup
::server
;
3 use proxmox_backup
::tools
::daemon
;
4 use proxmox_backup
::api_schema
::router
::*;
5 use proxmox_backup
::api_schema
::config
::*;
6 use proxmox_backup
::server
::rest
::*;
7 use proxmox_backup
::auth_helpers
::*;
10 use proxmox
::tools
::try_block
;
11 use lazy_static
::lazy_static
;
15 use openssl
::ssl
::{SslMethod, SslAcceptor, SslFiletype}
;
22 if let Err(err
) = run().await
{
23 eprintln
!("Error: {}", err
);
24 std
::process
::exit(-1);
28 async
fn run() -> Result
<(), Error
> {
29 if let Err(err
) = syslog
::init(
30 syslog
::Facility
::LOG_DAEMON
,
31 log
::LevelFilter
::Info
,
32 Some("proxmox-backup-proxy")) {
33 bail
!("unable to inititialize syslog - {}", err
);
36 let _
= public_auth_key(); // load with lazy_static
37 let _
= csrf_secret(); // load with lazy_static
40 static ref ROUTER
: Router
= proxmox_backup
::api2
::router();
43 let mut config
= ApiConfig
::new(
44 env
!("PROXMOX_JSDIR"), &ROUTER
, RpcEnvironmentType
::PUBLIC
);
46 // add default dirs which includes jquery and bootstrap
47 // my $base = '/usr/share/libpve-http-server-perl';
48 // add_dirs($self->{dirs}, '/css/' => "$base/css/");
49 // add_dirs($self->{dirs}, '/js/' => "$base/js/");
50 // add_dirs($self->{dirs}, '/fonts/' => "$base/fonts/");
51 config
.add_alias("novnc", "/usr/share/novnc-pve");
52 config
.add_alias("extjs", "/usr/share/javascript/extjs");
53 config
.add_alias("fontawesome", "/usr/share/fonts-font-awesome");
54 config
.add_alias("xtermjs", "/usr/share/pve-xtermjs");
55 config
.add_alias("widgettoolkit", "/usr/share/javascript/proxmox-widget-toolkit");
57 let rest_server
= RestServer
::new(config
);
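59 //openssl req -x509 -newkey rsa:4096 -keyout /etc/proxmox-backup/proxy.key -out /etc/proxmox-backup/proxy.pem -nodes
// note: -nodes writes proxy.key without passphrase encryption, so file permissions are what protects the key on disk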
60 let key_path
= configdir
!("/proxy.key");
61 let cert_path
= configdir
!("/proxy.pem");
63 let mut acceptor
= SslAcceptor
::mozilla_intermediate(SslMethod
::tls()).unwrap();
64 acceptor
.set_private_key_file(key_path
, SslFiletype
::PEM
)
65 .map_err(|err
| format_err
!("unable to read proxy key {} - {}", key_path
, err
))?
;
66 acceptor
.set_certificate_chain_file(cert_path
)
67 .map_err(|err
| format_err
!("unable to read proxy cert {} - {}", cert_path
, err
))?
;
68 acceptor
.check_private_key().unwrap();
70 let acceptor
= Arc
::new(acceptor
.build());
72 let server
= daemon
::create_daemon(
73 ([0,0,0,0,0,0,0,0], 8007).into(),
75 let connections
= listener
78 .try_filter_map(move |sock
| {
79 let acceptor
= Arc
::clone(&acceptor
);
81 sock
.set_nodelay(true).unwrap();
82 sock
.set_send_buffer_size(1024*1024).unwrap();
83 sock
.set_recv_buffer_size(1024*1024).unwrap();
84 Ok(tokio_openssl
::accept(&acceptor
, sock
)
86 .ok() // handshake errors aren't fatal, so return None to filter them out
90 Ok(hyper
::Server
::builder(connections
)
92 .with_graceful_shutdown(server
::shutdown_future())
93 .map_err(|err
| eprintln
!("server error: {}", err
))
99 daemon
::systemd_notify(daemon
::SystemdNotify
::Ready
)?
;
101 let init_result
: Result
<(), Error
> = try_block
!({
102 server
::create_task_control_socket()?
;
103 server
::server_state_init()?
;
107 if let Err(err
) = init_result
{
108 bail
!("unable to start daemon - {}", err
);
112 log
::info
!("done - exit server");