1 use proxmox_backup
::try_block
;
2 use proxmox_backup
::configdir
;
3 use proxmox_backup
::server
;
4 use proxmox_backup
::tools
::daemon
;
5 use proxmox_backup
::api_schema
::router
::*;
6 use proxmox_backup
::api_schema
::config
::*;
7 use proxmox_backup
::server
::rest
::*;
8 use proxmox_backup
::auth_helpers
::*;
11 use lazy_static
::lazy_static
;
14 use futures
::stream
::Stream
;
16 use openssl
::ssl
::{SslMethod, SslAcceptor, SslFiletype}
;
18 use tokio_openssl
::SslAcceptorExt
;
24 if let Err(err
) = run() {
25 eprintln
!("Error: {}", err
);
26 std
::process
::exit(-1);
30 fn run() -> Result
<(), Error
> {
31 if let Err(err
) = syslog
::init(
32 syslog
::Facility
::LOG_DAEMON
,
33 log
::LevelFilter
::Info
,
34 Some("proxmox-backup-proxy")) {
35 bail
!("unable to inititialize syslog - {}", err
);
38 let _
= public_auth_key(); // load with lazy_static
39 let _
= csrf_secret(); // load with lazy_static
42 static ref ROUTER
: Router
= proxmox_backup
::api2
::router();
// Build the API configuration for the proxy. `env!` is expanded at compile
// time, so PROXMOX_JSDIR is fixed when the binary is built, not read from the
// runtime environment.
let mut config = ApiConfig::new(env!("PROXMOX_JSDIR"), &ROUTER, RpcEnvironmentType::PUBLIC);

// Not ported from the Perl HTTP server yet: the default /css/, /js/ and
// /fonts/ dirs (jquery, bootstrap) under '/usr/share/libpve-http-server-perl'.

// Alias name -> directory on disk, registered in this order.
// NOTE(review): presumably these directories are served to clients as static
// content, so only directories without secrets belong in this table - confirm
// against ApiConfig::add_alias.
let static_aliases: [(&str, &str); 5] = [
    ("novnc", "/usr/share/novnc-pve"),
    ("extjs", "/usr/share/javascript/extjs"),
    ("fontawesome", "/usr/share/fonts-font-awesome"),
    ("xtermjs", "/usr/share/pve-xtermjs"),
    ("widgettoolkit", "/usr/share/javascript/proxmox-widget-toolkit"),
];
for &(alias, dir) in static_aliases.iter() {
    config.add_alias(alias, dir);
}

// The REST server takes ownership of the finished configuration.
let rest_server = RestServer::new(config);
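// TLS setup for the proxy listener (part of run(), which returns Result<(), Error>).
//
// A self-signed key/certificate pair can be created with:
//   openssl req -x509 -newkey rsa:4096 -keyout /etc/proxmox-backup/proxy.key -out /etc/proxmox-backup/proxy.pem -nodes
// `-nodes` stores the private key unencrypted, so the key file should be
// readable only by the account the proxy runs as.
let key_path = configdir!("/proxy.key");
let cert_path = configdir!("/proxy.pem");

// Start from the openssl crate's Mozilla "intermediate" server profile.
// Setup failures are returned to the caller instead of panicking, matching
// the key/cert loading below.
let mut acceptor = SslAcceptor::mozilla_intermediate(SslMethod::tls())
    .map_err(|err| format_err!("unable to create TLS acceptor - {}", err))?;
acceptor
    .set_private_key_file(key_path, SslFiletype::PEM)
    .map_err(|err| format_err!("unable to read proxy key {} - {}", key_path, err))?;
acceptor
    .set_certificate_chain_file(cert_path)
    .map_err(|err| format_err!("unable to read proxy cert {} - {}", cert_path, err))?;
// A key that does not belong to the certificate is an operator error; name
// both files so the mismatch is easy to find rather than aborting via unwrap().
acceptor.check_private_key().map_err(|err| {
    format_err!(
        "proxy key {} does not match proxy cert {} - {}",
        key_path,
        cert_path,
        err
    )
})?;

// Wrapped in an Arc so the per-connection closure can own a handle to it.
let acceptor = Arc::new(acceptor.build());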
74 let server
= daemon
::create_daemon(
75 ([0,0,0,0,0,0,0,0], 8007).into(),
77 let connections
= listener
80 .and_then(move |sock
| {
81 sock
.set_nodelay(true).unwrap();
82 sock
.set_send_buffer_size(1024*1024).unwrap();
83 sock
.set_recv_buffer_size(1024*1024).unwrap();
84 acceptor
.accept_async(sock
).map_err(|e
| e
.into())
87 // accept()s can fail here with an Err() when eg. the client rejects
88 // the cert and closes the connection, so we follow up with mapping
89 // it to an option and then filtering None with filter_map
90 Ok(c
) => Ok
::<_
, Error
>(Some(c
)),
92 if let Some(_io
) = e
.downcast_ref
::<std
::io
::Error
>() {
93 // "real" IO errors should not simply be ignored
94 bail
!("shutting down...");
96 // handshake errors just get filtered by filter_map() below:
102 // Filter out the Nones
106 Ok(hyper
::Server
::builder(connections
)
108 .with_graceful_shutdown(server
::shutdown_future())
109 .map_err(|err
| eprintln
!("server error: {}", err
))
114 daemon
::systemd_notify(daemon
::SystemdNotify
::Ready
)?
;
118 let init_result
: Result
<(), Error
> = try_block
!({
119 server
::create_task_control_socket()?
;
120 server
::server_state_init()?
;
124 if let Err(err
) = init_result
{
125 eprintln
!("unable to start daemon - {}", err
);
127 tokio
::spawn(server
.then(|_
| {
128 log
::info
!("done - exit server");