[pve-devel] [PATCH manager 2/3] api: acme: dns-plugin: conditionally pass proxy to acme.sh wrapper

Stoiko Ivanov s.ivanov at proxmox.com
Tue Nov 9 17:36:32 CET 2021


partially fixes #3536

If an acme (dns) plugin has set the 'use-proxy' flag, pass
the http_proxy configured in datacenter.cfg.

The setting is configurable for each dns-plugin, based on the
assumption that some dns-apis might be 'local' (e.g. a pdns-server in
the internal network) and communication with them must not pass
through the proxy.

The implementation follows the one in PMG

Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>
---
 PVE/API2/ACME.pm | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/PVE/API2/ACME.pm b/PVE/API2/ACME.pm
index 6e6f44f6..de6068bf 100644
--- a/PVE/API2/ACME.pm
+++ b/PVE/API2/ACME.pm
@@ -74,6 +74,13 @@ my $order_certificate = sub {
 	    die "plugin '$plugin_id' for domain '$domain' not found!\n"
 		if !$plugin_cfg;
 
+	    if ($plugin_cfg->{'use-proxy'}) {
+		my $dccfg = PVE::Cluster::cfs_read_file('datacenter.cfg');
+		if (my $http_proxy = $dccfg->{http_proxy}) {
+		    $plugin_cfg->{proxy} = $http_proxy;
+		}
+	    }
+
 	    my $data = {
 		plugin => $plugin_cfg,
 		alias => $domain_config->{alias},
-- 
2.30.2





More information about the pve-devel mailing list