]>
Commit | Line | Data |
---|---|---|
a2ca7137 | 1 | use proxmox_backup::configdir; |
4223d9f8 | 2 | use proxmox_backup::tools; |
a690ecac | 3 | use proxmox_backup::tools::daemon; |
dc9a007b DM |
4 | use proxmox_backup::api_schema::router::*; |
5 | use proxmox_backup::api_schema::config::*; | |
02c7a755 | 6 | use proxmox_backup::server::rest::*; |
d01e2420 | 7 | use proxmox_backup::auth_helpers::*; |
02c7a755 | 8 | |
0d176f36 | 9 | use failure::*; |
02c7a755 DM |
10 | use lazy_static::lazy_static; |
11 | ||
0d176f36 | 12 | use futures::stream::Stream; |
a2ca7137 | 13 | use tokio::prelude::*; |
02c7a755 DM |
14 | |
15 | use hyper; | |
16 | ||
17 | fn main() { | |
18 | ||
4223d9f8 DM |
19 | if let Err(err) = run() { |
20 | eprintln!("Error: {}", err); | |
21 | std::process::exit(-1); | |
22 | } | |
23 | } | |
24 | ||
25 | fn run() -> Result<(), Error> { | |
02c7a755 DM |
26 | if let Err(err) = syslog::init( |
27 | syslog::Facility::LOG_DAEMON, | |
28 | log::LevelFilter::Info, | |
29 | Some("proxmox-backup-proxy")) { | |
4223d9f8 | 30 | bail!("unable to inititialize syslog - {}", err); |
02c7a755 DM |
31 | } |
32 | ||
d01e2420 DM |
33 | let _ = public_auth_key(); // load with lazy_static |
34 | let _ = csrf_secret(); // load with lazy_static | |
35 | ||
02c7a755 DM |
36 | lazy_static!{ |
37 | static ref ROUTER: Router = proxmox_backup::api2::router(); | |
38 | } | |
39 | ||
40 | let mut config = ApiConfig::new( | |
6285b251 | 41 | env!("PROXMOX_JSDIR"), &ROUTER, RpcEnvironmentType::PUBLIC); |
02c7a755 DM |
42 | |
43 | // add default dirs which includes jquery and bootstrap | |
44 | // my $base = '/usr/share/libpve-http-server-perl'; | |
45 | // add_dirs($self->{dirs}, '/css/' => "$base/css/"); | |
46 | // add_dirs($self->{dirs}, '/js/' => "$base/js/"); | |
47 | // add_dirs($self->{dirs}, '/fonts/' => "$base/fonts/"); | |
48 | config.add_alias("novnc", "/usr/share/novnc-pve"); | |
49 | config.add_alias("extjs", "/usr/share/javascript/extjs"); | |
50 | config.add_alias("fontawesome", "/usr/share/fonts-font-awesome"); | |
51 | config.add_alias("xtermjs", "/usr/share/pve-xtermjs"); | |
52 | config.add_alias("widgettoolkit", "/usr/share/javascript/proxmox-widget-toolkit"); | |
53 | ||
54 | let rest_server = RestServer::new(config); | |
55 | ||
4223d9f8 | 56 | let cert_path = configdir!("/proxy.pfx"); |
a8f268af | 57 | let raw_cert = tools::file_get_contents(cert_path)?; |
4223d9f8 DM |
58 | |
59 | let identity = match native_tls::Identity::from_pkcs12(&raw_cert, "") { | |
60 | Ok(data) => data, | |
61 | Err(err) => bail!("unabled to decode pkcs12 identity {} - {}", cert_path, err), | |
62 | }; | |
0d176f36 | 63 | |
a690ecac WB |
64 | let server = daemon::create_daemon( |
65 | ([0,0,0,0,0,0,0,0], 8007).into(), | |
66 | |listener| { | |
67 | let acceptor = native_tls::TlsAcceptor::new(identity)?; | |
68 | let acceptor = std::sync::Arc::new(tokio_tls::TlsAcceptor::from(acceptor)); | |
69 | let connections = listener | |
70 | .incoming() | |
71 | .map_err(Error::from) | |
72 | .and_then(move |sock| acceptor.accept(sock).map_err(|e| e.into())) | |
73 | .then(|r| match r { | |
74 | // accept()s can fail here with an Err() when eg. the client rejects | |
75 | // the cert and closes the connection, so we follow up with mapping | |
76 | // it to an option and then filtering None with filter_map | |
77 | Ok(c) => Ok::<_, Error>(Some(c)), | |
78 | Err(e) => { | |
79 | if let Some(_io) = e.downcast_ref::<std::io::Error>() { | |
80 | // "real" IO errors should not simply be ignored | |
81 | bail!("shutting down..."); | |
82 | } else { | |
83 | // handshake errors just get filtered by filter_map() below: | |
84 | Ok(None) | |
85 | } | |
86 | } | |
87 | }) | |
88 | .filter_map(|r| { | |
89 | // Filter out the Nones | |
90 | r | |
91 | }); | |
92 | Ok(hyper::Server::builder(connections) | |
93 | .serve(rest_server) | |
94 | .map_err(|e| eprintln!("server error: {}", e)) | |
95 | ) | |
a2ca7137 WB |
96 | }, |
97 | )?; | |
a2ca7137 | 98 | |
a690ecac | 99 | hyper::rt::run(server); |
4223d9f8 | 100 | Ok(()) |
02c7a755 | 101 | } |