notifications: add type for ACME notification template data

This commit adds a separate type for the data passed to this type of notification template. Also we make sure that we do not expose any non-primitive types to the template renderer, any data needed in the template is mapped into the new dedicated template data type. This ensures that any changes in types defined in other places do not leak into the template rendering process by accident. These changes are also preparation for allowing user-overrides for notification templates. This commit also tries to unify the style and naming of template variables. Signed-off-by: Lukas Wagner <l.wagner@proxmox.com> Reviewed-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
2025-08-06 15:22:13 +00:00 · 2025-03-28 11:22:35 +01:00 · 2025-03-28 11:22:35 +01:00 · 33d2444eca
commit 33d2444eca
parent 7a3cbd7230
3 changed files with 25 additions and 12 deletions
--- a/src/server/notifications/mod.rs
+++ b/src/server/notifications/mod.rs
@ -23,7 +23,7 @@ const SPOOL_DIR: &str = concatcp!(pbs_buildcfg::PROXMOX_BACKUP_STATE_DIR, "/noti

 mod template_data;

-use template_data::{GcErrTemplateData, GcOkTemplateData};
+use template_data::{AcmeErrTemplateData, CommonData, GcErrTemplateData, GcOkTemplateData};

 /// Initialize the notification system by setting context in proxmox_notify
 pub fn init() -> Result<(), Error> {
@ -489,24 +489,26 @@ pub fn send_updates_available(updates: &[&APTUpdateInfo]) -> Result<(), Error> {
 /// send email on certificate renewal failure.
 pub fn send_certificate_renewal_mail(result: &Result<(), Error>) -> Result<(), Error> {
    let error: String = match result {
-        Err(e) => e.to_string(),
+        Err(e) => format!("{e:#}"),
        _ => return Ok(()),
    };

-    let (fqdn, port) = get_server_url();
-
-    let data = json!({
-        "fqdn": fqdn,
-        "port": port,
-        "error": error,
-    });
-
    let metadata = HashMap::from([
        ("hostname".into(), proxmox_sys::nodename().into()),
        ("type".into(), "acme".into()),
    ]);

-    let notification = Notification::from_template(Severity::Info, "acme-err", data, metadata);
+    let template_data = AcmeErrTemplateData {
+        common: CommonData::new(),
+        error,
+    };
+
+    let notification = Notification::from_template(
+        Severity::Info,
+        "acme-err",
+        serde_json::to_value(template_data)?,
+        metadata,
+    );

    send_notification(notification)?;
    Ok(())
--- a/src/server/notifications/template_data.rs
+++ b/src/server/notifications/template_data.rs
@ -133,3 +133,14 @@ impl GcErrTemplateData {
        }
    }
 }
+
+/// Template data for the acme-err template.
+#[derive(Serialize)]
+#[serde(rename_all = "kebab-case")]
+pub struct AcmeErrTemplateData {
+    /// Common properties.
+    #[serde(flatten)]
+    pub common: CommonData,
+    /// The error that occured when trying to request the certificate.
+    pub error: String,
+}
--- a/templates/default/acme-err-body.txt.hbs
+++ b/templates/default/acme-err-body.txt.hbs
@ -4,4 +4,4 @@ Error: {{error}}

 Please visit the web interface for further details:

-<https://{{fqdn}}:{{port}}/#pbsCertificateConfiguration>
+<{{base-url}}/#pbsCertificateConfiguration>