use LWP::UserAgent;
use JSON;
+use Proxmox::RS::Subscription;
+
use PVE::Tools;
use PVE::ProcFSTools;
use PVE::Exception qw(raise_param_exc);
use PVE::INotify;
use PVE::Cluster qw (cfs_read_file cfs_write_file);
+use PVE::DataCenterConfig;
use PVE::AccessControl;
use PVE::Storage;
use PVE::JSONSchema qw(get_standard_option);
use PVE::SafeSyslog;
-use PVE::Subscription;
use PVE::API2Tools;
use PVE::RESTHandler;
use base qw(PVE::RESTHandler);
-PVE::INotify::register_file('subscription', "/etc/subscription",
- \&read_etc_pve_subscription,
- \&write_etc_pve_subscription);
-
my $subscription_pattern = 'pve([1248])([cbsp])-[0-9a-f]{10}';
+my $filename = "/etc/subscription";
sub get_sockets {
my $info = PVE::ProcFSTools::read_cpuinfo();
return ($sockets, $level);
}
-sub read_etc_pve_subscription {
- my ($filename, $fh) = @_;
-
+sub read_etc_subscription {
my $req_sockets = get_sockets();
my $server_id = PVE::API2Tools::get_hwaddress();
- my $info = PVE::Subscription::read_subscription($server_id, $filename, $fh);
+ my $info = Proxmox::RS::Subscription::read_subscription($filename);
- return $info if $info->{status} ne 'Active';
+ return $info if !$info || $info->{status} ne 'active';
my ($sockets, $level);
eval { ($sockets, $level) = check_key($info->{key}, $req_sockets); };
if (my $err = $@) {
chomp $err;
- $info->{status} = 'Invalid';
+ $info->{status} = 'invalid';
$info->{message} = $err;
} else {
$info->{level} = $level;
return $info;
}
-sub write_etc_pve_subscription {
- my ($filename, $fh, $info) = @_;
+my sub cache_is_valid {
+ my ($info) = @_;
+
+ return if !$info || $info->{status} ne 'active';
+
+ my $checked_info = Proxmox::RS::Subscription::check_age($info, 1);
+ return $checked_info->{status} eq 'active'
+}
+
+sub write_etc_subscription {
+ my ($info) = @_;
my $server_id = PVE::API2Tools::get_hwaddress();
- PVE::Subscription::write_subscription($server_id, $filename, $fh, $info);
+ mkdir "/etc/apt/auth.conf.d";
+ Proxmox::RS::Subscription::write_subscription(
+ $filename, "/etc/apt/auth.conf.d/pve.conf", "enterprise.proxmox.com/debian/pve", $info);
+
+ # FIXME: improve this, especially the selection of valid ceph-releases
+ # NOTE: currently we should add future ceph releases as early as possible, to ensure that
+ my $ceph_auth = '';
+ for my $ceph_release ('quincy', 'reef') {
+ $ceph_auth .= "machine enterprise.proxmox.com/debian/ceph-${ceph_release}"
+ ." login $info->{key} password $info->{serverid}\n"
+ }
+ PVE::Tools::file_set_contents("/etc/apt/auth.conf.d/ceph.conf", $ceph_auth);
}
__PACKAGE__->register_method ({
my $has_permission = $rpcenv->check($authuser, "/nodes/$node", ['Sys.Audit'], 1);
my $server_id = PVE::API2Tools::get_hwaddress();
- my $url = "https://www.proxmox.com/proxmox-ve/pricing";
+ my $url = "https://www.proxmox.com/en/proxmox-virtual-environment/pricing";
- my $info = PVE::INotify::read_file('subscription');
+ my $info = read_etc_subscription();
if (!$info) {
my $no_subscription_info = {
- status => "NotFound",
+ status => "notfound",
message => "There is no subscription key",
url => $url,
};
properties => {
node => get_standard_option('pve-node'),
force => {
- description => "Always connect to server, even if we have up to date info inside local cache.",
+ description => "Always connect to server, even if local cache is still valid.",
type => 'boolean',
optional => 1,
default => 0
code => sub {
my ($param) = @_;
- my $info = PVE::INotify::read_file('subscription');
+ my $info = read_etc_subscription();
return undef if !$info;
my $server_id = PVE::API2Tools::get_hwaddress();
my $key = $info->{key};
- if ($key) {
- PVE::Subscription::update_apt_auth($key, $server_id);
- }
+ die "Updating offline key not possible - please remove and re-add subscription key to switch to online key.\n"
+ if $info->{signature};
- if (!$param->{force} && $info->{status} eq 'Active') {
- my $age = time() - $info->{checktime};
- return undef if $age < $PVE::Subscription::localkeydays*60*60*24;
- }
+ return undef if !$param->{force} && cache_is_valid($info); # key has been recently checked
my $req_sockets = get_sockets();
check_key($key, $req_sockets);
my $dccfg = PVE::Cluster::cfs_read_file('datacenter.cfg');
my $proxy = $dccfg->{http_proxy};
- $info = PVE::Subscription::check_subscription($key, $server_id, $proxy);
+ $info = Proxmox::RS::Subscription::check_subscription($key, $server_id, "", "Proxmox VE", $proxy);
- PVE::INotify::write_file('subscription', $info);
+ write_etc_subscription($info);
return undef;
}});
proxyto => 'node',
protected => 1,
parameters => {
- additionalProperties => 0,
+ additionalProperties => 0,
properties => {
node => get_standard_option('pve-node'),
key => {
my $key = PVE::Tools::trim($param->{key});
- my $info = {
+ my $new_info = {
status => 'New',
key => $key,
checktime => time(),
check_key($key, $req_sockets);
- PVE::INotify::write_file('subscription', $info);
+ write_etc_subscription($new_info);
my $dccfg = PVE::Cluster::cfs_read_file('datacenter.cfg');
my $proxy = $dccfg->{http_proxy};
- $info = PVE::Subscription::check_subscription($key, $server_id, $proxy);
+ my $checked_info = Proxmox::RS::Subscription::check_subscription(
+ $key, $server_id, "", "Proxmox VE", $proxy);
- PVE::INotify::write_file('subscription', $info);
+ write_etc_subscription($checked_info);
+
+ return undef;
+ }});
+__PACKAGE__->register_method ({
+ name => 'delete',
+ path => '',
+ method => 'DELETE',
+ permissions => {
+ check => ['perm', '/nodes/{node}', [ 'Sys.Modify' ]],
+ },
+ description => "Delete subscription key of this node.",
+ proxyto => 'node',
+ protected => 1,
+ parameters => {
+ additionalProperties => 0,
+ properties => {
+ node => get_standard_option('pve-node'),
+ },
+ },
+ returns => { type => 'null'},
+ code => sub {
+ my $subscription_file = '/etc/subscription';
+ return if ! -e $subscription_file;
+ unlink($subscription_file) or die "cannot delete subscription key: $!";
return undef;
}});
projects / pve-manager.git / blobdiff