Commit | Line | Data |
---|---|---|
a2479cfa WB |
1 | use std::sync::Arc; |
2 | ||
3 | use failure::*; | |
4 | use futures::*; | |
5 | use hyper; | |
6 | use openssl::ssl::{SslMethod, SslAcceptor, SslFiletype}; | |
7 | ||
8 | use proxmox::tools::try_block; | |
9 | use proxmox::api::RpcEnvironmentType; | |
10 | ||
a2ca7137 | 11 | use proxmox_backup::configdir; |
4a7de56e | 12 | use proxmox_backup::buildcfg; |
e3f41f21 | 13 | use proxmox_backup::server; |
f8fd5095 | 14 | use proxmox_backup::config; |
a690ecac | 15 | use proxmox_backup::tools::daemon; |
e57e1cd8 | 16 | use proxmox_backup::server::{ApiConfig, rest::*}; |
d01e2420 | 17 | use proxmox_backup::auth_helpers::*; |
02c7a755 | 18 | |
fda5797b WB |
/// Process entry point: drives `run()` on the tokio runtime and, if it fails,
/// prints the error to stderr and exits with status -1.
#[tokio::main]
async fn main() {
    match run().await {
        Ok(()) => {}
        Err(err) => {
            eprintln!("Error: {}", err);
            std::process::exit(-1);
        }
    }
}
26 | ||
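/// Sets up and runs the TLS-terminating API proxy until shutdown.
///
/// Steps, in order: initialise syslog, refresh the self-signed certificate,
/// pre-load the auth key and CSRF secret, build the REST server with its
/// static-file aliases, load the proxy key/certificate into an OpenSSL
/// acceptor, start the listener on port 8007, notify systemd, create the
/// task control socket / server state, then wait for the server future.
///
/// # Errors
///
/// Returns an error when syslog, the certificate update, the TLS acceptor
/// setup (including a key that does not match the certificate), the systemd
/// notification, the control-socket/state initialisation or the server
/// future itself fails.
async fn run() -> Result<(), Error> {
    // Size requested for both the send and the receive buffer of every
    // accepted socket.
    const SOCKET_BUFFER_SIZE: usize = 1024*1024;

    if let Err(err) = syslog::init(
        syslog::Facility::LOG_DAEMON,
        log::LevelFilter::Info,
        Some("proxmox-backup-proxy")) {
        bail!("unable to inititialize syslog - {}", err);
    }

    // NOTE(review): presumably (re)creates the self-signed proxy certificate
    // only when needed, since `false` is passed - confirm against
    // config::update_self_signed_cert.
    config::update_self_signed_cert(false)?;

    let _ = public_auth_key(); // load with lazy_static
    let _ = csrf_secret(); // load with lazy_static

    let mut config = ApiConfig::new(
        buildcfg::JS_DIR, &proxmox_backup::api2::ROUTER, RpcEnvironmentType::PUBLIC);

    // add default dirs which includes jquery and bootstrap
    // my $base = '/usr/share/libpve-http-server-perl';
    // add_dirs($self->{dirs}, '/css/' => "$base/css/");
    // add_dirs($self->{dirs}, '/js/' => "$base/js/");
    // add_dirs($self->{dirs}, '/fonts/' => "$base/fonts/");
    config.add_alias("novnc", "/usr/share/novnc-pve");
    config.add_alias("extjs", "/usr/share/javascript/extjs");
    config.add_alias("fontawesome", "/usr/share/fonts-font-awesome");
    config.add_alias("xtermjs", "/usr/share/pve-xtermjs");
    config.add_alias("widgettoolkit", "/usr/share/javascript/proxmox-widget-toolkit");
    config.add_alias("css", "/usr/share/javascript/proxmox-backup/css");
    config.add_alias("docs", "/usr/share/doc/proxmox-backup/html");

    let rest_server = RestServer::new(config);

    //openssl req -x509 -newkey rsa:4096 -keyout /etc/proxmox-backup/proxy.key -out /etc/proxmox-backup/proxy.pem -nodes
    let key_path = configdir!("/proxy.key");
    let cert_path = configdir!("/proxy.pem");

    // TLS setup failures are reported through the normal error path (stderr
    // message plus exit status from main) instead of panicking.
    let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls())
        .map_err(|err| format_err!("unable to create TLS acceptor - {}", err))?;
    acceptor.set_private_key_file(key_path, SslFiletype::PEM)
        .map_err(|err| format_err!("unable to read proxy key {} - {}", key_path, err))?;
    acceptor.set_certificate_chain_file(cert_path)
        .map_err(|err| format_err!("unable to read proxy cert {} - {}", cert_path, err))?;
    // A key/certificate mismatch is a configuration problem an operator has
    // to fix, so name both files in the error.
    acceptor.check_private_key()
        .map_err(|err| format_err!(
            "proxy key {} does not match proxy cert {} - {}", key_path, cert_path, err))?;

    let acceptor = Arc::new(acceptor.build());

    // The all-zero IPv6 address is the wildcard address: the listener is
    // reachable on every interface, so access control for port 8007 has to
    // come from the API's authentication and from host/network firewalling.
    let server = daemon::create_daemon(
        ([0,0,0,0,0,0,0,0], 8007).into(),
        |listener, ready| {
            let connections = proxmox_backup::tools::async_io::StaticIncoming::from(listener)
                .map_err(Error::from)
                .try_filter_map(move |(sock, _addr)| {
                    let acceptor = Arc::clone(&acceptor);
                    async move {
                        // A socket option can fail for a single connection
                        // (for example when the peer has already gone away).
                        // That must only cost this one connection, never the
                        // whole proxy, so log it and filter the socket out.
                        let tuned = sock.set_nodelay(true)
                            .and_then(|_| sock.set_send_buffer_size(SOCKET_BUFFER_SIZE))
                            .and_then(|_| sock.set_recv_buffer_size(SOCKET_BUFFER_SIZE));

                        match tuned {
                            Ok(()) => Ok(tokio_openssl::accept(&acceptor, sock)
                                .await
                                .ok() // handshake errors are not fatal, so return None to filter
                            ),
                            Err(err) => {
                                log::error!(
                                    "dropping connection: unable to set socket options - {}", err);
                                Ok(None)
                            }
                        }
                        // NOTE(review): the handshake is awaited inside the
                        // stream combinator with no timeout, so a peer that
                        // stalls its handshake may delay acceptance of later
                        // connections - consider a per-connection timeout or
                        // handshaking in a spawned task. Failed handshakes
                        // are also discarded without a log entry, which
                        // leaves nothing to alert on.
                    }
                });
            let connections = proxmox_backup::tools::async_io::HyperAccept(connections);

            // Start serving only once `ready` resolves; stop when the
            // shutdown future completes.
            Ok(ready
                .and_then(|_| hyper::Server::builder(connections)
                    .serve(rest_server)
                    .with_graceful_shutdown(server::shutdown_future())
                    .map_err(Error::from)
                )
                .map_err(|err| eprintln!("server error: {}", err))
                .map(|_| ())
            )
        },
    );

    daemon::systemd_notify(daemon::SystemdNotify::Ready)?;

    let init_result: Result<(), Error> = try_block!({
        server::create_task_control_socket()?;
        server::server_state_init()?;
        Ok(())
    });

    if let Err(err) = init_result {
        bail!("unable to start daemon - {}", err);
    }

    server.await?;
    log::info!("done - exit server");

    Ok(())
}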