OOMPolicy [0] defaults to stop - resulting in the complete daemon to
be killed.
Our Daemon class does start new workers automatically if it detects
that fewer than configured are running.
[0] systemd.service(5)
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
user experience benefits when we restart pmgdaemon and pmgproxy if
they get terminated abnormally (now observed with oom-kills).
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
instead of accumulating the whole output of 'mini-journalreader' in
the api call (this can be quite big), use the download mechanic of the
http-server to stream the output to the client.
we lose some error handling possibilities, but we do not have
to allocate anything here, and since perl does not free memory after
allocating[0] this is our desired behaviour.
to keep api compatiblitiy, we need to give the journalreader the '-j'
flag to let it output json.
also tell the http server that the encoding is gzip and pipe
the output through it.
0: https://perldoc.perl.org/perlfaq3#How-can-I-free-an-array-or-hash-so-my-program-shrinks?
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
having a trailing '.' in the search domain is perfectly legal syntax
(for domain names in general). postfix refuses to use a fqdn with
trailing dot as hostname[0].
The restriction might be due to section 2.3.5 (Domain Names) of
RFC5321 (a top-level domain is a single string without any dots) [1]
[0] src/util/valid_hostname.c in the postfix source
[1] https://datatracker.ietf.org/doc/html/rfc5321#section-2.3.5
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
use the complete config, not only the one from the parameters.
This is necessary to use the saved bindpw when it's not sent
via the api.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
if we detect an entry with a value that is identical, return that id
instead of adding it again to the db.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
The package that ships the service is the same as the one that ships
the binaries, so quite the useless check and a remainder from initial
switch from sysv to systemd in ~2015 (when it was not 100% clear
what/how systemd features should be integrated or units encoded).
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
while we indirectly got that by the remote-fs ordering constraint its
better to encode it explicitly, especially as the remote-fs does not
make much sense and may get removed soon
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
won't happen normally but it can happen now, as we do not plainly die
anymore if gai fails but do some more flexible fallback.
it's considered bad to generally die from such things, i.e., like
panic in rust, we want to just avoid that normally.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This is actually buggy and can lead to unexpected issues as in the
case the check on the declared variable did not evaluates to true it
gets (or better keeps) the value from the previous time when it was
actually assigned. Found with perlcritic, which reports the highest
severity for this mistake.
Refactor out the "is current file equal to generated config" check
which fixes three instances of that on its own and reduces code bloat
a bit.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
basically only useful for setups using (hopefully static) DHCP for
the PMG host, but we can have that in evaluation, especially when
using CTs or installing on top of a plain Debian.
This was favored over adding an After=network-online.target order
constraint for the pmgbanner service, as it'd delay the console-getty
service needlessly in most setups
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
get_ip_from_hostname does only check getaddrinfo, which can fail for
the local node in some environments, especially container ones.
Rather, use the new get_local_ip helper, that still tries to do a gai
call first, but falls back to configured (/etc/network/interfaces)
IPs and also on the currently, from kernel POV active ones.
A big bonus is that the new helper is much less likely to die, so it
won't break service startup in restricted (CTs) envs after initial
setup as often anymore.
While yes, if no addr is resolved, configured or active the PMG won't
work, but killing pmg proxy/daemon won't better that situation either
;)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
it wrongly uses the permission model from PVE, which caused the
endpoints to be root-only as a side effect, since PMG API doesn't
recognize the PVE-specific permissions.
fix those to allow PMG users with administrator role to add/delete
repositories, and auditor role to view the repositories.
reported in a forum thread [0]
[0]:
https://forum.proxmox.com/threads/no-apt-repo-information-for-non-root-on-the-web-gui.95217/
Reviewed-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
Like most of the other call here, copied over from PVE, with the SDN
stuff dropped and some task-log feedback if we actually moved a
pending change in. Also adding error handling for the rename, both
should be added to PVE too.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
ssh public keys are base64 encoded, thus can potentially contain =.
until now the RSA keys generated by Debian were 2048 bits long and did
not need padding
with bullseye (openssh (1:8.0p1-1)) the RSA keysize got increased to
3072 bits, and now does contain a =
noticed while trying to join a PMG container from a bullseye template
to my existing cluster (the error happens on the new node).
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
else the api-viewer's dumper may get a false-positive change every
time we update the schema there
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
we use `get_acme_conf` as higher level sanity checker (e.g. to ensure
that wildcard certificates have a configured DNS plugin)
(adapted from pve-manger (where this is done in the corresponding API
call)
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
Let's Encrypt currently only issues wildcard certificates if the
domain ownership is validated via a dns-01 type plugin.
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
Wildcard DNS names (*.domain.example) are validated through their
base-domain (domain.example) according to the ACME RFC [0].
We store the indirection while parsing the acme config, and check for
an extra validation target during ordering.
This makes it possible to order wildcard certificates which are not
valid for the base-domain.
[0] https://tools.ietf.org/html/rfc8555#section-7.1.3
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
clamav recently started yielding 429 (too many requests) response
codes on even comparatively low attempts to download the complete
signature files (cvd)(see [0]), instead of the incremental changes
(cdiff) (see [1] for some background)
changing the default to scriptedupdates (a.k.a. cdiff download) seems
sensible for most situations.
[0] https://docs.clamav.net/faq/faq-freshclam.html
[1] https://blog.clamav.net/2021/03/clamav-cvds-cdiffs-and-magic-behind.html
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
2 errors were introduced in 4f06ff8ac2:
* a typo in the postgresql service name
* it missed the other uses of the service_name hash, apart from the
lookup_real_service_name sub.
both fixed here
Reported-by: Martin Maurer <martin@proxmox.com>
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
