and use the broadcast when a service is added/removed
we will use 'get_cluster_service' in the future when we generate a list
of services of a specific type
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Wit commit a74ba607d4 we switched over
to using the dpkg-dev provided helpers to set package version,
architecture and such in the buildsystem.
But unlike other repositories we used the version also for giving it
back over the API through the during build generated PVE::pvecfg
module, which wasn't fully updated to the new style.
This patch does that, and also cleans up semantics a bit, the
following two changed:
release is now the Debian release, instead of the "package release"
(i.e., the -X part of a full package version).
version is now simply the full (pve-manager) version, e.g., 6.0-1 or
the currently for testing used 6.0-0+1
This allows to do everything we used this information for even in a
slightly easier way (no string concat needed anymore), and fits also
with the terminology we often used in our public channels (mailing
lists, forum, website)
Remove some cruft as we touch things.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
read_proxy_conf was moved to the new PVE::ApiServer::Utils so that it
can be reused by other apiservers (e.g., PMG one). Use that one, so
that we can remove it here later
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
disabling http compression is considered good practice and certain TLS-testing
scripts/sites lower the security rating if it's enabled.
compression is still on by default for the potential speed/performance gain.
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
fix#2069 (the report includes rationale and also information on test-cases).
Tested by:
* running testssl.sh [0]
* enabling this setting (our default cipherlist prefers AES256,
chromium on stretch AES128)
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
The default CIPHERS allowed for a fair amount of not really considered
secure anymore connections. This updated cipher list is taken from
mozilla: https://wiki.mozilla.org/Security/Server_Side_TLS
Signed-off-by: Rhonda D'Vine <rhonda@proxmox.com>
if we do not have a language cookie, try to read
the language from the datacenter.cfg and fall back to 'en'
also set it into the 'Proxmox' object, so that the gui can show it
in the LoginWindow
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
allows us to remove the external loading of extjs from the cloudflare
cdn in pve-docs easier with having the external hosted version in
mind.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
we will use components from proxmox-widget-toolkit rather than
directly from pve-manager
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Reviewed-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
we do not set an Expire header for our js files, and certain browsers
do not even make the request then (on which we would answer
with a correct 304 not modified)
so to force the browser to load a new version of the gui when we change
something, we add the package version as a get parameter
when doing this, the browsers still cache the file, until the get
parameter changes, which is exactly what we want
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
Reviewed-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
instead of having font-awesome copied into the repository,
depend on the debian package 'fonts-font-awesome', which provides all we
need
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
We're already limiting CPUs to lxc/cpuset.effective_cpus,
so let's use the highest cpuid from that set as a maximum to
initialize the container count array.
This allows filtering by node in InfluxDB queries, so the statistics
of all virtual guests on a specific nodes can be queried.
While for InfluxDB this is only a tag which does changes where the
data is stored, Graphite - our other status plugin - has no such
mechanics available. If we would add it to the object hierarchy,
e.g.: "qemu.$vmid.$nodename" a migration of a VM would result in two
different datasets.
So avoid breaking setups and omit it for Graphite for now.
Suggested-by: Daniel1108 <danielgallegosanchez@gmail.com>
CC: Daniel1108 <danielgallegosanchez@gmail.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
