[pbs-devel] applied-series: [PATCH backup 0/7] hot-reload proxy certificates

Thomas Lamprecht t.lamprecht at proxmox.com
Tue May 11 18:11:55 CEST 2021


On 11.05.21 15:53, Wolfgang Bumiller wrote:
> This adds the ability to tell a running proxy to just reload the TLS
> cert certificates via the command-socket.
> 
> Starts off with some cleanup/refactoring to get rid of all that heavy
> indentation...
> 
> Wolfgang Bumiller (7):
>   proxy: factor out accept_connection
>   proxy: "continue on error" for the accept call, too
>   proxy: Arc usage cleanup
>   proxy: factor out tls acceptor creation
>   proxy: implement 'reload-certificate' command
>   refactor send_command
>   hot-reload proxy certificate when updating via the API
> 
>  src/api2/node/certificates.rs   |  26 ++--
>  src/bin/proxmox-backup-proxy.rs | 220 ++++++++++++++++++++------------
>  src/config.rs                   |  17 +--
>  src/server.rs                   |   9 ++
>  src/server/command_socket.rs    |  71 ++++++-----
>  src/server/worker_task.rs       |   4 +-
>  6 files changed, 204 insertions(+), 143 deletions(-)
> 

applied whole series, thanks!

I followed this up with:
* fallback to "default" account on order (check commit message, was really confusing else)
* add UI task-description entries for acme related tasks, mostly based on the ones from
  PVE, but as the worker type is spelled slightly different anyway here I took the chance
  to use a slightly nicer version there too.
* set account name as worker ID so that they can be used in by the task-descriptions
  - note: all account actions done before that commit miss it and will display "default",
    even if the account was named something else, I ignored this as we did not really
    rolled this out externally yet.





More information about the pbs-devel mailing list