[proxmox-backup.git] / src / bin / proxmox-backup-proxy.rs

use std::sync::Arc;

use failure::*;
use futures::*;
use hyper;
use openssl::ssl::{SslMethod, SslAcceptor, SslFiletype};

use proxmox::tools::try_block;
use proxmox::api::RpcEnvironmentType;

use proxmox_backup::configdir;
use proxmox_backup::buildcfg;
use proxmox_backup::server;
use proxmox_backup::tools::daemon;
use proxmox_backup::server::{ApiConfig, rest::*};
use proxmox_backup::auth_helpers::*;

#[tokio::main]
async fn main() {
    if let Err(err) = run().await {
        eprintln!("Error: {}", err);
        std::process::exit(-1);
    }
}

async fn run() -> Result<(), Error> {
    if let Err(err) = syslog::init(
        syslog::Facility::LOG_DAEMON,
        log::LevelFilter::Info,
        Some("proxmox-backup-proxy")) {
        bail!("unable to inititialize syslog - {}", err);
    }

    let _ = public_auth_key(); // load with lazy_static
    let _ = csrf_secret(); // load with lazy_static

    let mut config = ApiConfig::new(
        buildcfg::JS_DIR, &proxmox_backup::api2::ROUTER, RpcEnvironmentType::PUBLIC);

    // add default dirs which includes jquery and bootstrap
    // my $base = '/usr/share/libpve-http-server-perl';
    // add_dirs($self->{dirs}, '/css/' => "$base/css/");
    // add_dirs($self->{dirs}, '/js/' => "$base/js/");
    // add_dirs($self->{dirs}, '/fonts/' => "$base/fonts/");
    config.add_alias("novnc", "/usr/share/novnc-pve");
    config.add_alias("extjs", "/usr/share/javascript/extjs");
    config.add_alias("fontawesome", "/usr/share/fonts-font-awesome");
    config.add_alias("xtermjs", "/usr/share/pve-xtermjs");
    config.add_alias("widgettoolkit", "/usr/share/javascript/proxmox-widget-toolkit");
    config.add_alias("css", "/usr/share/javascript/proxmox-backup/css");

    let rest_server = RestServer::new(config);

    //openssl req -x509 -newkey rsa:4096 -keyout /etc/proxmox-backup/proxy.key -out /etc/proxmox-backup/proxy.pem -nodes
    let key_path = configdir!("/proxy.key");
    let cert_path = configdir!("/proxy.pem");

    let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap();
    acceptor.set_private_key_file(key_path, SslFiletype::PEM)
        .map_err(|err| format_err!("unable to read proxy key {} - {}", key_path, err))?;
    acceptor.set_certificate_chain_file(cert_path)
        .map_err(|err| format_err!("unable to read proxy cert {} - {}", cert_path, err))?;
    acceptor.check_private_key().unwrap();

    let acceptor = Arc::new(acceptor.build());

    let server = daemon::create_daemon(
        ([0,0,0,0,0,0,0,0], 8007).into(),
        |listener, ready| {
            let connections = proxmox_backup::tools::async_io::StaticIncoming::from(listener)
                .map_err(Error::from)
                .try_filter_map(move |(sock, _addr)| {
                    let acceptor = Arc::clone(&acceptor);
                    async move {
                        sock.set_nodelay(true).unwrap();
                        sock.set_send_buffer_size(1024*1024).unwrap();
                        sock.set_recv_buffer_size(1024*1024).unwrap();
                        Ok(tokio_openssl::accept(&acceptor, sock)
                            .await
                            .ok() // handshake errors aren't be fatal, so return None to filter
                        )
                    }
                });
            let connections = proxmox_backup::tools::async_io::HyperAccept(connections);

            Ok(ready
                .and_then(|_| hyper::Server::builder(connections)
                    .serve(rest_server)
                    .with_graceful_shutdown(server::shutdown_future())
                    .map_err(Error::from)
                )
                .map_err(|err| eprintln!("server error: {}", err))
                .map(|_| ())
            )
        },
    );

    daemon::systemd_notify(daemon::SystemdNotify::Ready)?;

    let init_result: Result<(), Error> = try_block!({
        server::create_task_control_socket()?;
        server::server_state_init()?;
        Ok(())
    });

    if let Err(err) = init_result {
        bail!("unable to start daemon - {}", err);
    }

    server.await?;
    log::info!("done - exit server");

    Ok(())
}
Commit	Line	Data
a2479cfa WB	1	use std::sync::Arc;
	2
	3	use failure::*;
	4	use futures::*;
	5	use hyper;
	6	use openssl::ssl::{SslMethod, SslAcceptor, SslFiletype};
	7
	8	use proxmox::tools::try_block;
	9	use proxmox::api::RpcEnvironmentType;
	10
a2ca7137	11	use proxmox_backup::configdir;
4a7de56e	12	use proxmox_backup::buildcfg;
e3f41f21	13	use proxmox_backup::server;
a690ecac	14	use proxmox_backup::tools::daemon;
e57e1cd8	15	use proxmox_backup::server::{ApiConfig, rest::*};
d01e2420	16	use proxmox_backup::auth_helpers::*;
02c7a755	17
fda5797b WB	18	#[tokio::main]
	19	async fn main() {
	20	if let Err(err) = run().await {
4223d9f8 DM	21	eprintln!("Error: {}", err);
	22	std::process::exit(-1);
	23	}
	24	}
	25
fda5797b	26	async fn run() -> Result<(), Error> {
02c7a755 DM	27	if let Err(err) = syslog::init(
	28	syslog::Facility::LOG_DAEMON,
	29	log::LevelFilter::Info,
	30	Some("proxmox-backup-proxy")) {
4223d9f8	31	bail!("unable to inititialize syslog - {}", err);
02c7a755 DM	32	}
02c7a755 DM	33
d01e2420 DM	34	let _ = public_auth_key(); // load with lazy_static
	35	let _ = csrf_secret(); // load with lazy_static
	36
02c7a755	37	let mut config = ApiConfig::new(
255f378a	38	buildcfg::JS_DIR, &proxmox_backup::api2::ROUTER, RpcEnvironmentType::PUBLIC);
02c7a755 DM	39
	40	// add default dirs which includes jquery and bootstrap
	41	// my $base = '/usr/share/libpve-http-server-perl';
	42	// add_dirs($self->{dirs}, '/css/' => "$base/css/");
	43	// add_dirs($self->{dirs}, '/js/' => "$base/js/");
	44	// add_dirs($self->{dirs}, '/fonts/' => "$base/fonts/");
	45	config.add_alias("novnc", "/usr/share/novnc-pve");
	46	config.add_alias("extjs", "/usr/share/javascript/extjs");
	47	config.add_alias("fontawesome", "/usr/share/fonts-font-awesome");
	48	config.add_alias("xtermjs", "/usr/share/pve-xtermjs");
	49	config.add_alias("widgettoolkit", "/usr/share/javascript/proxmox-widget-toolkit");
2d694f8f	50	config.add_alias("css", "/usr/share/javascript/proxmox-backup/css");
02c7a755 DM	51
	52	let rest_server = RestServer::new(config);
	53
6d1f61b2 DM	54	//openssl req -x509 -newkey rsa:4096 -keyout /etc/proxmox-backup/proxy.key -out /etc/proxmox-backup/proxy.pem -nodes
	55	let key_path = configdir!("/proxy.key");
	56	let cert_path = configdir!("/proxy.pem");
	57
	58	let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap();
	59	acceptor.set_private_key_file(key_path, SslFiletype::PEM)
	60	.map_err(\|err\| format_err!("unable to read proxy key {} - {}", key_path, err))?;
	61	acceptor.set_certificate_chain_file(cert_path)
	62	.map_err(\|err\| format_err!("unable to read proxy cert {} - {}", cert_path, err))?;
	63	acceptor.check_private_key().unwrap();
	64
	65	let acceptor = Arc::new(acceptor.build());
0d176f36	66
a690ecac WB	67	let server = daemon::create_daemon(
a690ecac WB	68	([0,0,0,0,0,0,0,0], 8007).into(),
083ff3fd	69	\|listener, ready\| {
db0cb9ce	70	let connections = proxmox_backup::tools::async_io::StaticIncoming::from(listener)
a690ecac	71	.map_err(Error::from)
db0cb9ce	72	.try_filter_map(move \|(sock, _addr)\| {
fda5797b WB	73	let acceptor = Arc::clone(&acceptor);
	74	async move {
	75	sock.set_nodelay(true).unwrap();
	76	sock.set_send_buffer_size(1024*1024).unwrap();
	77	sock.set_recv_buffer_size(1024*1024).unwrap();
	78	Ok(tokio_openssl::accept(&acceptor, sock)
	79	.await
	80	.ok() // handshake errors aren't be fatal, so return None to filter
	81	)
a690ecac	82	}
a690ecac	83	});
db0cb9ce	84	let connections = proxmox_backup::tools::async_io::HyperAccept(connections);
083ff3fd WB	85
	86	Ok(ready
	87	.and_then(\|_\| hyper::Server::builder(connections)
	88	.serve(rest_server)
	89	.with_graceful_shutdown(server::shutdown_future())
	90	.map_err(Error::from)
	91	)
	92	.map_err(\|err\| eprintln!("server error: {}", err))
	93	.map(\|_\| ())
a690ecac	94	)
a2ca7137	95	},
083ff3fd	96	);
a2ca7137	97
d98c9a7a WB	98	daemon::systemd_notify(daemon::SystemdNotify::Ready)?;
d98c9a7a WB	99
fda5797b WB	100	let init_result: Result<(), Error> = try_block!({
	101	server::create_task_control_socket()?;
	102	server::server_state_init()?;
	103	Ok(())
	104	});
d607b886	105
fda5797b WB	106	if let Err(err) = init_result {
	107	bail!("unable to start daemon - {}", err);
	108	}
e3f41f21	109
083ff3fd	110	server.await?;
fda5797b	111	log::info!("done - exit server");
e3f41f21	112
4223d9f8	113	Ok(())
02c7a755	114	}