[pve-devel] [Patch V3 manager 1/8] Use the plugin architecture.
Wolfgang Link
w.link at proxmox.com
Thu Apr 16 07:18:21 CEST 2020
And remove the call of standalone plugin directly.
Prepare all necessary data for the plugin.
Signed-off-by: Wolfgang Link <w.link at proxmox.com>
---
PVE/API2/ACME.pm | 35 +++++++++++++++++++++++++++--------
1 file changed, 27 insertions(+), 8 deletions(-)
diff --git a/PVE/API2/ACME.pm b/PVE/API2/ACME.pm
index b1bb6261..e69a563b 100644
--- a/PVE/API2/ACME.pm
+++ b/PVE/API2/ACME.pm
@@ -4,7 +4,6 @@ use strict;
use warnings;
use PVE::ACME;
-use PVE::ACME::StandAlone;
use PVE::CertHelpers;
use PVE::Certificate;
use PVE::Exception qw(raise raise_param_exc);
@@ -51,20 +50,39 @@ my $order_certificate = sub {
print "Placing ACME order\n";
my ($order_url, $order) = $acme->new_order($domains);
print "Order URL: $order_url\n";
+ my $index = 0;
for my $auth_url (@{$order->{authorizations}}) {
print "\nGetting authorization details from '$auth_url'\n";
my $auth = $acme->get_authorization($auth_url);
+ my $domain = $auth->{identifier}->{value};
if ($auth->{status} eq 'valid') {
- print "... already validated!\n";
+ $domain = %{@{$order->{identifiers}}[$index]}{value};
+ print "$domain is already validated!\n";
} else {
- print "... pending!\n";
- print "Setting up webserver\n";
- my $validation = eval { PVE::ACME::StandAlone->setup($acme, $auth) };
- die "failed setting up webserver - $@\n" if $@;
+ print "The validation for $domain is pending!\n";
+
+ my ($plugin_type, $plugin_config) = &$get_plugin_type($domain, $acme_node_config);
+
+ my $plugin = PVE::ACME::Challenge->lookup($plugin_type);
+
+ my $challenge = $plugin->extract_challenge($auth->{challenges});
+ my $key_auth = $acme->key_authorization($challenge->{token});
+ my $data = {
+ key_authorization => $key_auth,
+ token => $challenge->{token},
+ url => $challenge->{url},
+ domain => $domain,
+ };
+
+ foreach my $key (keys %$plugin_config) {
+ $data->{plugin}->{$key} = $plugin_config->{$key};
+ }
+
+ $plugin->setup($data);
print "Triggering validation\n";
eval {
- $acme->request_challenge_validation($validation->{url}, $validation->{key_auth});
+ $acme->request_challenge_validation($data->{url}, $data->{key_authorization});
print "Sleeping for 5 seconds\n";
sleep 5;
while (1) {
@@ -81,10 +99,11 @@ my $order_certificate = sub {
}
};
my $err = $@;
- eval { $validation->teardown() };
+ eval { $plugin->teardown($data) };
warn "$@\n" if $@;
die $err if $err;
}
+ $index++;
}
print "\nAll domains validated!\n";
print "\nCreating CSR\n";
--
2.20.1
More information about the pve-devel
mailing list