[pve-devel] [Patch V2 acme 08/12] Create the plugin config.

Wolfgang Link w.link at proxmox.com
Tue Mar 31 12:08:47 CEST 2020 

At the moment, Proxmox has two different configurations that require different properties.
DNSChallange requires credentials for the DNSAPI.
Standalone has no settings because Letsencrypt only supports port 80 with the http-01 challenge.

Make Standalone.pm Plugin compliant.

Signed-off-by: Wolfgang Link <w.link at proxmox.com>
---
 src/PVE/ACME/Challenge.pm  | 62 ++++++++++++++++++++++++++++++++++++++
 src/PVE/ACME/StandAlone.pm | 16 ++++++++++
 2 files changed, 78 insertions(+)

diff --git a/src/PVE/ACME/Challenge.pm b/src/PVE/ACME/Challenge.pm
index 40d32b6..b261476 100644
--- a/src/PVE/ACME/Challenge.pm
+++ b/src/PVE/ACME/Challenge.pm
@@ -3,16 +3,78 @@ package PVE::ACME::Challenge;
 use strict;
 use warnings;
 
+use PVE::Cluster qw(cfs_register_file);
+use PVE::JSONSchema qw(get_standard_option);
+use PVE::Tools qw(lock_file);
+
+use base qw(PVE::SectionConfig);
+
+my $FILENAME = "/etc/pve/priv/plugins.cfg";
+
+cfs_register_file ('priv/plugins.cfg',
+		   sub { __PACKAGE__->parse_config(@_); },
+		   sub { __PACKAGE__->write_config(@_); });
+
+my $defaultData = {
+    additionalProperties => 0,
+    propertyList => {
+	id => {
+	    description => "ACME Plugin ID name",
+	    type => 'string',
+	},
+	type => {
+	    description => "ACME challenge type.",
+	    type => 'string',
+	},
+	nodes => get_standard_option('pve-node-list', { optional => 1 }),
+	disable => {
+	    description => "Flag to disable the config.",
+	    type => 'boolean',
+	    optional => 1,
+	},
+    },
+};
+
+sub private {
+    return $defaultData;
+}
+
 sub supported_challenge_types {
     return {};
 }
 
+sub load_config {
+
+    my $raw = eval { PVE::Tools::file_get_contents($FILENAME); };
+    return {} if !$raw;
+
+    return __PACKAGE__->parse_config($FILENAME, $raw);
+}
+
+sub write_conf {
+    my ($conf) = @_;
+
+    my $raw = __PACKAGE__->write_config($FILENAME, $conf);
+
+    PVE::Tools::file_set_contents($FILENAME, $raw);
+}
+
 sub setup {
     my ($class, $acme, $authorization) = @_;
 
     die "implement me\n";
 }
 
+sub lock_config {
+    my ($code, @param) = @_;
+
+    my $res = lock_file($FILENAME, 3, $code, @param);
+
+    die $@ if $@;
+
+    return $res;
+}
+
 sub teardown {
     my ($self) = @_;
 
diff --git a/src/PVE/ACME/StandAlone.pm b/src/PVE/ACME/StandAlone.pm
index f48d638..ac75184 100644
--- a/src/PVE/ACME/StandAlone.pm
+++ b/src/PVE/ACME/StandAlone.pm
@@ -12,6 +12,22 @@ sub supported_challenge_types {
     return { 'http-01' => 1 };
 }
 
+sub type {
+    return 'standalone';
+}
+
+sub properties {
+    return {
+    };
+}
+
+sub options {
+    return {
+	nodes => { optional => 1 },
+	disable => { optional => 1 },
+    };
+}
+
 sub setup {
     my ($class, $acme, $authorization) = @_;
 
-- 
2.20.1

More information about the pve-devel mailing list