[pmg-devel] [PATCH pmg-api] api: nodeconfig: validate acme config before writing

[Stoiko Ivanov]

Currently it is possible to add the same domains as different
acmedomainX keys to the node config, which prevents the user from
ordering certificates later.

This patch adds a call to get_acme_conf, which does the semantic
validation (and is also used in all other sites, which read the
config).

Reported in our community forum:
https://forum.proxmox.com/threads/lets-encrypt-cert-on-gui-not-working.91014/

quickly tested in my setup, by successfully adding the same domain
twice without the patch, and failing to do so with it applied.

Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>
---
 src/PMG/API2/NodeConfig.pm | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/PMG/API2/NodeConfig.pm b/src/PMG/API2/NodeConfig.pm
index 284f663..bfbbacd 100644
--- a/src/PMG/API2/NodeConfig.pm
+++ b/src/PMG/API2/NodeConfig.pm
@@ -81,6 +81,9 @@ __PACKAGE__->register_method ({
 		$conf->{$opt} = $param->{$opt};
 	    }
 
+	    #validate the acme config (check for duplicates)
+	    PMG::NodeConfig::get_acme_conf($conf);
+
 	    PMG::NodeConfig::write_config($conf);
 	});
 
-- 
2.20.1