fog-proxmox-configlmm 0.15.0

data/examples/compute.rb

@@ -0,0 +1,276 @@
+# frozen_string_literal: true
+
+# Copyright 2018 Tristan Robert
+
+# This file is part of Fog::Proxmox.
+
+# Fog::Proxmox is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# Fog::Proxmox is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with Fog::Proxmox. If not, see <http://www.gnu.org/licenses/>.
+
+# There are basically two modes of operation for these specs.
+#
+# 1. ENV[PROXMOX_URL] exists: talk to an actual Proxmox server and record HTTP
+#    traffic in VCRs at "spec/debug" (credentials are read from the conventional
+#    environment variables: PROXMOX_URL, PROXMOX_USERNAME, PROXMOX_PASSWORD)
+# 2. otherwise (Travis, etc): use VCRs at "spec/fixtures/proxmox/#{service}"
+
+require 'fog/proxmox'
+
+proxmox_url = 'https://172.26.49.146:8006/api2/json'
+proxmox_username = 'root@pam'
+proxmox_password = 'proxmox01'
+
+# Create service compute
+compute = Fog::Proxmox::Compute.new(
+  proxmox_url: proxmox_url,
+  proxmox_username: proxmox_username,
+  proxmox_password: proxmox_password
+)
+
+# Create pools
+pool_hash = { poolid: 'pool1' }
+pool1 = compute.pools.create(pool_hash)
+
+# Get one pool by id
+pool1 = compute.pools.get 'pool1'
+
+# Update pool
+pool1.comment 'pool 1'
+pool1.update
+
+# List all pools
+compute.pools.all
+
+# List pool by pool
+compute.pools.each do |pool|
+  # pool ...
+end
+
+# Delete pool
+pool1.destroy
+
+# Create servers
+
+# Get node owner
+node_name = 'proxmox'
+node = compute.nodes.get node_name
+
+# Get next free vmid
+vmid = node.servers.next_id
+server_hash = { vmid: vmid }
+
+# Create server
+node.servers.create(server_hash)
+
+# Check already used vmid
+node.servers.id_valid? vmid
+
+# Get server
+server = node.servers.get vmid
+
+# Update config server
+# Add cdrom empty
+config_hash = { ide2: 'none,media=cdrom' }
+server.update(config_hash)
+# Attach a hdd
+virtio0 = { id: 'virtio0', storage: storage.storage, size: '1' }
+ide0 = { id: 'ide0', storage: storage.storage, size: '1' }
+options = { backup: 0, replicate: 0 }
+server.attach(virtio0, options)
+server.attach(ide0, options)
+# Resize disk server
+server.extend('virtio0', '+1G')
+# Move disk server
+server.move('virtio0', 'local')
+# Detach a disk
+server.detach 'ide0'
+# Remove it
+server.detach 'unused0'
+# Detach another device
+server.detach 'ide2'
+# Add network interface
+config_hash = { net0: 'virtio,bridge=vmbr0' }
+server.update(config_hash)
+# Add start at boot, keyboard fr, linux 3.x os type, kvm hardware disabled (proxmox guest in virtualbox)
+config_hash = { onboot: 1, keyboard: 'fr', ostype: 'l26', kvm: 0 }
+server.update(config_hash)
+# Get configuration model
+config = server.config
+# Get nics config
+nics = server.config.nics
+nics[:net0]
+# Get hdd controllers (ide, sata, scsi or virtio) config
+# All return hashes with key equals to controller id
+disks = server.config.disks
+ide0 = disks.get('ide0')
+virtio0 = disks.get('virtio0')
+# Get mac_addresses
+server.config.mac_adresses
+# List all servers
+servers_all = node.servers.all
+
+# Start server
+server.action('start')
+# Wait until task is complete
+server.wait_for { ready? }
+# Suspend server
+server.action('suspend')
+# Wait until task is complete
+server.wait_for { server.qmpstatus == 'paused' }
+# Resume server
+server.action('resume')
+# Wait until task is complete
+server.wait_for { ready? }
+# Stop server
+server.action('stop')
+# Wait until task is complete
+server.wait_for { server.status == 'stopped' }
+
+# Backup a server
+server.backup(compress: 'lzo')
+
+# Fetch a backup volume (first one)
+volume = server.backups.first
+
+# Restore it
+server.restore volume
+
+# Delete a backup
+volume.destroy
+
+# Snapshot a server
+server.snapshots.create(name: 'snapshot1')
+
+# Fetch it
+snapshot = server.snapshots.get 'snapshot1'
+# Fetch all
+server.snapshots.all
+
+# Update snapshot
+snapshot.description 'Snapshot 1'
+snapshot.update
+
+# Delete snapshot
+snapshot.destroy
+
+# Fetch disk images
+server.config.disks
+
+# Delete server
+server.destroy
+
+# Create containers
+node_name = 'proxmox'
+node = compute.nodes.get node_name
+ostemplate = 'local:vztmpl/alpine-3.7-default_20171211_amd64.tar.xz'
+container_hash = {
+  vmid: vmid,
+  storage: 'local-lvm',
+  ostemplate: ostemplate,
+  password: 'proxmox01',
+  rootfs: 'local-lvm:1'
+}
+
+# Get next free vmid
+vmid = node.containers.next_id
+
+node.containers.create(container_hash)
+# Check already used vmid
+valid = node.containers.id_valid? vmid
+
+# Get container
+container = node.containers.get(vmid)
+
+# Get container config
+container.config
+# Update config container
+# Attach an aditional mount point
+mp0 = { id: 'mp0', storage: 'local-lvm', size: '1' }
+options = { mp: '/opt/app', backup: 0, replicate: 0, quota: 1 }
+container.attach(mp0, options)
+# Resize rootfs container
+container.extend('rootfs', '+1G')
+# Move rootfs container and delete original
+container.move('rootfs', 'local-lvm', delete: 1)
+# Detach a mount point
+container.detach 'mp0'
+# Remove it
+container.detach 'unused0'
+# Add network interface
+config_hash = { net0: 'bridge=vmbr0,name=eth0,ip=dhcp,ip6=dhcp' }
+container.update(config_hash)
+# Add start at boot, linux os type alpine
+config_hash = { onboot: 1, ostype: 'alpine' }
+container.update(config_hash)
+# Get mac_addresses
+container.mac_adresses
+# Get interfaces
+container.config.interfaces
+# Get additional mount points
+container.config.mount_points
+# List all servers
+containers_all = node.containers.all
+
+# Start container
+container.action('start')
+# Wait until task is complete
+container.wait_for { ready? }
+# Stop container
+container.action('stop')
+# Wait until task is complete
+container.wait_for { container.status == 'stopped' }
+
+# Backup a container
+container.backup(compress: 'lzo')
+
+# Fetch a backup volume (first one)
+volume = container.backups.first
+
+# Restore it
+container.restore volume
+
+# Delete a backup
+volume.destroy
+
+# Snapshot a container
+container.snapshots.create(name: 'snapshot1')
+
+# Fetch it
+snapshot = container.snapshots.get 'snapshot1'
+# Fetch all
+container.snapshots.all
+
+# Update snapshot
+snapshot.description 'Snapshot 1'
+snapshot.update
+
+# Delete snapshot
+snapshot.destroy
+
+# Fetch additional mount points
+container.config.mount_points
+# Fetch network interfaces
+container.config.interfaces
+
+# Delete container
+container.destroy
+
+# List 1 task
+filters = { limit: 1 }
+node = compute.nodes.get 'proxmox'
+tasks = node.tasks.all(filters)
+# Get task
+upid = tasks[0].upid
+task = node.tasks.get(upid)
+# Stop task
+task.stop

data/examples/identity.rb

@@ -0,0 +1,203 @@
+# frozen_string_literal: true
+# Copyright 2018 Tristan Robert
+
+# This file is part of Fog::Proxmox.
+
+# Fog::Proxmox is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# Fog::Proxmox is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with Fog::Proxmox. If not, see <http://www.gnu.org/licenses/>.
+
+# frozen_string_literal: true
+
+# There are basically two modes of operation for these specs.
+#
+# 1. ENV[PROXMOX_URL] exists: talk to an actual Proxmox server and record HTTP
+#    traffic in VCRs at "spec/debug" (credentials are read from the conventional
+#    environment variables: PROXMOX_URL, PROXMOX_USERNAME, PROXMOX_PASSWORD)
+# 2. otherwise (Travis, etc): use VCRs at "spec/fixtures/proxmox/#{service}"
+
+require 'fog/proxmox'
+
+proxmox_url = 'https://172.26.49.146:8006/api2/json'
+proxmox_username = 'root@pam'
+proxmox_password = 'proxmox01'
+
+# Create service identity with access ticket
+identity = Fog::Proxmox::Identity.new(
+  proxmox_url: proxmox_url,
+  proxmox_auth_method: 'access_ticket',
+  proxmox_username: proxmox_username,
+  proxmox_password: proxmox_password
+)
+
+# or with a user token
+identity = Fog::Proxmox::Identity.new(
+	proxmox_url: proxmox_url, 
+	proxmox_auth_method: 'user_token', 
+	proxmox_userid: proxmox_username, 
+	proxmox_tokenid: 'root1',
+	proxmox_token: 'ed6402b4-641d-46b1-b20a-33ba9ba12f54'
+)      
+
+# Get proxmox version
+identity.read_version
+
+# Create a new user
+bob_hash = {
+  userid: 'bobsinclar@proxmox',
+  password: 'bobsinclar1',
+  firstname: 'Bob',
+  lastname: 'Sinclar',
+  email: 'bobsinclar@proxmox.com'
+}
+
+identity.users.create(bob_hash)
+
+# Get a user by id
+bob = identity.users.get 'bobsinclar@proxmox'
+
+# List all users
+identity.users.all
+
+# List user by user
+identity.users.each do |user|
+  # user ...
+end
+
+# Update user
+bob.comment = 'novelist'
+# add groups
+bob.groups = %w[group1]
+bob.update
+
+# List user permissions
+bob.permissions
+
+# Delete user
+bob.destroy
+
+# Create groups
+group_hash = { groupid: 'group1' }
+identity.domains.create(group_hash)
+
+# Get one group by id
+group1 = identity.groups.get 'group1'
+
+# Update group
+group1.comment 'Group 1'
+group1.update
+
+# List all groups
+identity.groups.all
+
+# List group by group
+identity.groups.each do |group|
+  # group ...
+end
+
+# Delete group
+group1.destroy
+
+# Create roles
+role_hash = { roleid: 'role1' }
+identity.roles.create(role_hash)
+
+# Get one role by id
+role1 = identity.roles.get 'role1'
+
+# Update role
+role1.comment 'Role 1'
+role1.update
+
+# List all roles
+identity.roles.all
+
+# List role by role
+identity.roles.each do |role|
+  # role ...
+end
+
+# Delete role
+role1.destroy
+
+# Create a new domain (authentication server)
+# Three types: PAM, PROXMOX, LDAP and ActiveDirectory
+# PAM and PROXMOX already exist by default
+# LDAP sample:
+ldap_hash = {
+  realm: 'LDAP',
+  type: 'ldap',
+  base_dn: 'ou=People,dc=ldap-test,dc=com',
+  user_attr: 'LDAP',
+  server1: 'localhost',
+  port: 389,
+  default: 0,
+  secure: 0
+}
+# ActiveDirectory sample:
+# ad_hash = {
+#   realm: 'ActiveDirectory',
+#   type: 'ad',
+#   domain: 'proxmox.com',
+#   server1: 'localhost',
+#   port: 389,
+#   default: 0,
+#   secure: 0
+# }
+
+identity.domains.create(ldap_hash)
+
+# List domains
+identity.domains.each do |domain|
+  # domain ...
+end
+
+# Find domain by id
+ldap = identity.domains.get ldap_hash[:realm]
+
+# Update domain
+ldap.type.comment = 'Test domain LDAP'
+# Two types of Two Factors Authentication (TFA): oath and yubico
+ldap.type.tfa = 'type=oath,step=30,digits=8'
+# ad.type.tfa = 'type=yubico,id=1,key=2,url=http://localhost'
+ldap.update
+
+# Delete domain
+ldap.destroy
+
+# Add a user permission
+permission_hash = {
+  type: 'user'
+  path: '/access',
+  roleid: 'PROXMOXUserAdmin',
+  ugid: bob_hash[:userid]
+}
+# Add a group permission
+# permission_hash = {
+#   type: 'group'
+#   path: '/access',
+#   roleid: 'PROXMOXUserAdmin',
+#   ugid: 'group1'
+# }
+permission = identity.permissions.create(permission_hash)
+
+# List all permissions
+identity.permissions.all
+
+# List permission by permission
+identity.permissions.each do |permission|
+  # permission ...
+end
+
+# Remove permission
+permission = identity.get(permission_hash)
+permission.destroy

data/lib/fog/proxmox/attributes.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+# Copyright 2018 Tristan Robert
+
+# This file is part of Fog::Proxmox.
+
+# Fog::Proxmox is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# Fog::Proxmox is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with Fog::Proxmox. If not, see <http://www.gnu.org/licenses/>.
+
+module Fog
+  module Proxmox
+    # module Attributes mixins
+    module Attributes
+      def self.set_attr(attr_name, attributes, new_attributes)
+        attributes[attr_name.to_sym] = new_attributes[attr_name] unless new_attributes[attr_name].nil?
+      end
+
+      def self.set_attr_and_sym(attr_name, attributes, new_attributes)
+        set_attr(attr_name, attributes, new_attributes)
+        set_attr(attr_name.to_sym, attributes, new_attributes)
+      end
+    end
+  end
+end

data/lib/fog/proxmox/auth/token/access_ticket.rb

@@ -0,0 +1,96 @@
+# frozen_string_literal: true
+
+# Copyright 2018 Tristan Robert
+
+# This file is part of Fog::Proxmox.
+
+# Fog::Proxmox is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# Fog::Proxmox is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with Fog::Proxmox. If not, see <http://www.gnu.org/licenses/>.
+
+require 'fog/json'
+require 'fog/proxmox/variables'
+require 'fog/proxmox/json'
+
+module Fog
+  module Proxmox
+    # Core module
+    module Auth
+      module Token
+        class AccessTicket
+          include Fog::Proxmox::Auth::Token
+
+          NAME = 'access_ticket'
+
+          attr_reader :csrf_token
+
+          class URIError < RuntimeError; end
+
+          EXPIRATION_DELAY = 2 * 60 * 60
+
+          def auth_method
+            'POST'
+          end
+
+          def auth_path(_params = {})
+            '/access/ticket'
+          end
+
+          def auth_body(params = {})
+            raise URIError, 'URI params is required' if params.nil? || params.empty?
+
+            if params[:proxmox_username].nil? || params[:proxmox_username].empty?
+              raise URIError,
+                    'proxmox_username is required'
+            end
+            if params[:proxmox_password].nil? || params[:proxmox_password].empty?
+              raise URIError,
+                    'proxmox_password is required'
+            end
+
+            URI.encode_www_form(username: params[:proxmox_username], password: params[:proxmox_password])
+          end
+
+          def headers(method = 'GET', _params = {}, additional_headers = {})
+            headers_hash = {}
+            @data ||= {}
+            unless @data.empty?
+              headers_hash.store('Cookie', "PVEAuthCookie=#{@data['ticket']}")
+              if %w[PUT POST DELETE].include? method
+                headers_hash.store('CSRFPreventionToken', @data['CSRFPreventionToken'])
+              end
+            end
+            headers_hash.merge! additional_headers
+            headers_hash
+          end
+
+          def build_credentials(_proxmox_options, data)
+            @token = data['ticket']
+            @expires = Time.now.utc.to_i + EXPIRATION_DELAY
+            @userid = data['username']
+            @csrf_token = data['CSRFPreventionToken']
+          end
+
+          def missing_credentials(options)
+            missing_credentials = []
+            missing_credentials << :proxmox_username unless options[:proxmox_username]
+            missing_credentials << :proxmox_password unless options[:proxmox_password]
+            return if missing_credentials.empty?
+
+            raise ArgumentError,
+                  "Missing required arguments: #{missing_credentials.join(', ')}"
+          end
+        end
+      end
+    end
+  end
+end

data/lib/fog/proxmox/auth/token/user_token.rb

@@ -0,0 +1,107 @@
+# frozen_string_literal: true
+
+# Copyright 2018 Tristan Robert
+
+# This file is part of Fog::Proxmox.
+
+# Fog::Proxmox is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# Fog::Proxmox is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with Fog::Proxmox. If not, see <http://www.gnu.org/licenses/>.
+
+require 'fog/json'
+require 'fog/proxmox/variables'
+require 'fog/proxmox/json'
+
+module Fog
+  module Proxmox
+    # Core module
+    module Auth
+      module Token
+        class UserToken
+          include Fog::Proxmox::Auth::Token
+
+          NAME = 'user_token'
+
+          attr_reader :token_id
+
+          class URIError < RuntimeError; end
+
+          def auth_method
+            'GET'
+          end
+
+          def auth_path(params = {})
+            raise URIError, 'URI params are required' if params.nil? || params.empty?
+
+            if params[:proxmox_userid].nil? || params[:proxmox_userid].empty?
+              raise URIError,
+                    'proxmox_userid is required'
+            end
+            if params[:proxmox_tokenid].nil? || params[:proxmox_tokenid].empty?
+              raise URIError,
+                    'proxmox_tokenid is required'
+            end
+
+            "/access/users/#{URI.encode_www_form_component(params[:proxmox_userid])}/token/#{params[:proxmox_tokenid]}"
+          end
+
+          def auth_body(_params = {})
+            ''
+          end
+
+          def no_token?(params)
+            (params.respond_to?(:proxmox_token) || params[:proxmox_token].nil? || params[:proxmox_token].empty?) && (@token.nil? || @token.empty?)
+          end
+
+          def set_credentials(params)
+            token = @token
+            token = params[:proxmox_token] if token.empty?
+            token_id = @token_id
+            token_id = params[:proxmox_tokenid] if token_id.empty?
+            userid = @userid
+            userid = params[:proxmox_userid] if userid.empty?
+            { userid: userid, token_id: token_id, token: token }
+          end
+
+          def headers(_method = 'GET', params = {}, additional_headers = {})
+            raise URIError, 'User token is required' if no_token?(params)
+
+            credentials = set_credentials(params)
+            headers_hash = {}
+            headers_hash.store('Authorization',
+                               "PVEAPIToken=#{credentials[:userid]}!#{credentials[:token_id]}=#{credentials[:token]}")
+            headers_hash.merge! additional_headers
+            headers_hash
+          end
+
+          def build_credentials(proxmox_options, data)
+            @expires = data['expire']
+            @token = proxmox_options[:proxmox_token]
+            @token_id = proxmox_options[:proxmox_tokenid]
+            @userid = proxmox_options[:proxmox_userid]
+          end
+
+          def missing_credentials(options)
+            missing_credentials = []
+            missing_credentials << :proxmox_userid unless options[:proxmox_userid]
+            missing_credentials << :proxmox_tokenid unless options[:proxmox_tokenid]
+            missing_credentials << :proxmox_token unless options[:proxmox_token]
+            return if missing_credentials.empty?
+
+            raise ArgumentError,
+                  "Missing required arguments: #{missing_credentials.join(', ')}"
+          end
+        end
+      end
+    end
+  end
+end