fog-proxmox 0.13.0 → 0.15.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/ci.yml +34 -49
- data/.github/workflows/release.yml +38 -0
- data/.rubocop.yml +11 -10
- data/.rubocop_todo.yml +255 -0
- data/CHANGELOG.md +8 -0
- data/README.md +35 -4
- data/Rakefile +8 -35
- data/bin/console +2 -4
- data/bin/setup +2 -4
- data/docs/compute.md +23 -7
- data/docs/identity.md +31 -6
- data/examples/compute.rb +11 -11
- data/examples/identity.rb +28 -15
- data/fog-proxmox.gemspec +8 -6
- data/lib/fog/proxmox/attributes.rb +3 -2
- data/lib/fog/proxmox/auth/token/access_ticket.rb +96 -0
- data/lib/fog/proxmox/auth/token/user_token.rb +107 -0
- data/lib/fog/proxmox/auth/token.rb +94 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/models/disk.rb +21 -3
- data/lib/fog/{compute/proxmox → proxmox/compute}/models/disks.rb +6 -2
- data/lib/fog/{compute/proxmox → proxmox/compute}/models/interface.rb +5 -1
- data/lib/fog/{compute/proxmox → proxmox/compute}/models/interfaces.rb +2 -2
- data/lib/fog/{compute/proxmox → proxmox/compute}/models/node.rb +3 -5
- data/lib/fog/{compute/proxmox → proxmox/compute}/models/nodes.rb +2 -2
- data/lib/fog/{compute/proxmox → proxmox/compute}/models/server.rb +29 -18
- data/lib/fog/{compute/proxmox → proxmox/compute}/models/server_config.rb +17 -4
- data/lib/fog/{compute/proxmox → proxmox/compute}/models/servers.rb +6 -6
- data/lib/fog/{compute/proxmox → proxmox/compute}/models/snapshot.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/models/snapshots.rb +2 -2
- data/lib/fog/{compute/proxmox → proxmox/compute}/models/storage.rb +3 -2
- data/lib/fog/{compute/proxmox → proxmox/compute}/models/storages.rb +3 -3
- data/lib/fog/{compute/proxmox → proxmox/compute}/models/task.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/models/tasks.rb +2 -1
- data/lib/fog/{compute/proxmox → proxmox/compute}/models/volume.rb +8 -1
- data/lib/fog/{compute/proxmox → proxmox/compute}/models/volumes.rb +3 -3
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/action_server.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/clone_server.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/create_backup.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/create_server.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/create_snapshot.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/create_spice.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/create_term.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/create_vnc.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/delete_server.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/delete_snapshot.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/delete_volume.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/get_node_statistics.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/get_server_config.rb +14 -14
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/get_server_status.rb +17 -17
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/get_snapshot_config.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/get_task.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/get_vnc.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/get_volume.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/list_nodes.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/list_servers.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/list_snapshots.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/list_storages.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/list_tasks.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/list_volumes.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/log_task.rb +1 -1
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/migrate_server.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/move_disk.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/move_volume.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/next_vmid.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/resize_container.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/resize_server.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/rollback_snapshot.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/status_task.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/stop_task.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/template_server.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/update_server.rb +0 -0
- data/lib/fog/{compute/proxmox → proxmox/compute}/requests/update_snapshot.rb +0 -0
- data/lib/fog/{compute/proxmox.rb → proxmox/compute.rb} +31 -16
- data/lib/fog/proxmox/core.rb +76 -64
- data/lib/fog/proxmox/errors.rb +2 -1
- data/lib/fog/proxmox/hash.rb +2 -4
- data/lib/fog/proxmox/helpers/controller_helper.rb +3 -4
- data/lib/fog/proxmox/helpers/cpu_helper.rb +55 -9
- data/lib/fog/proxmox/helpers/disk_helper.rb +51 -25
- data/lib/fog/proxmox/helpers/ip_helper.rb +21 -20
- data/lib/fog/proxmox/helpers/nic_helper.rb +37 -27
- data/lib/fog/{identity/proxmox → proxmox/identity}/models/domain.rb +7 -3
- data/lib/fog/{identity/proxmox → proxmox/identity}/models/domain_type.rb +0 -1
- data/lib/fog/{identity/proxmox → proxmox/identity}/models/domains.rb +2 -3
- data/lib/fog/{identity/proxmox → proxmox/identity}/models/group.rb +6 -2
- data/lib/fog/{identity/proxmox → proxmox/identity}/models/groups.rb +2 -2
- data/lib/fog/{identity/proxmox → proxmox/identity}/models/permission.rb +5 -4
- data/lib/fog/{identity/proxmox → proxmox/identity}/models/permissions.rb +4 -2
- data/lib/fog/{identity/proxmox → proxmox/identity}/models/pool.rb +4 -4
- data/lib/fog/{identity/proxmox → proxmox/identity}/models/pools.rb +5 -5
- data/lib/fog/{identity/proxmox → proxmox/identity}/models/principal.rb +0 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/models/role.rb +1 -1
- data/lib/fog/{identity/proxmox → proxmox/identity}/models/roles.rb +2 -2
- data/lib/fog/proxmox/identity/models/token.rb +72 -0
- data/lib/fog/proxmox/identity/models/token_info.rb +41 -0
- data/lib/fog/proxmox/identity/models/tokens.rb +54 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/models/user.rb +24 -2
- data/lib/fog/{identity/proxmox → proxmox/identity}/models/users.rb +2 -2
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/change_password.rb +0 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/check_permissions.rb +0 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/create_domain.rb +0 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/create_group.rb +0 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/create_pool.rb +0 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/create_role.rb +0 -0
- data/lib/fog/proxmox/identity/requests/create_token.rb +40 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/create_user.rb +0 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/delete_domain.rb +0 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/delete_group.rb +0 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/delete_pool.rb +0 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/delete_role.rb +0 -0
- data/lib/fog/proxmox/identity/requests/delete_token.rb +40 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/delete_user.rb +0 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/get_domain.rb +0 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/get_group.rb +0 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/get_pool.rb +0 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/get_role.rb +0 -0
- data/lib/fog/proxmox/identity/requests/get_token_info.rb +41 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/get_user.rb +1 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/list_domains.rb +0 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/list_groups.rb +0 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/list_permissions.rb +0 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/list_pools.rb +0 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/list_roles.rb +0 -0
- data/lib/fog/proxmox/identity/requests/list_tokens.rb +41 -0
- data/lib/fog/proxmox/identity/requests/list_user_permissions.rb +44 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/list_users.rb +0 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/read_version.rb +0 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/update_domain.rb +0 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/update_group.rb +0 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/update_permissions.rb +0 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/update_pool.rb +0 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/update_role.rb +0 -0
- data/lib/fog/proxmox/identity/requests/update_token.rb +41 -0
- data/lib/fog/{identity/proxmox → proxmox/identity}/requests/update_user.rb +0 -0
- data/lib/fog/{identity/proxmox.rb → proxmox/identity.rb} +31 -17
- data/lib/fog/{network/proxmox → proxmox/network}/models/network.rb +0 -0
- data/lib/fog/{network/proxmox → proxmox/network}/models/networks.rb +2 -2
- data/lib/fog/{network/proxmox → proxmox/network}/models/node.rb +2 -1
- data/lib/fog/{network/proxmox → proxmox/network}/models/nodes.rb +2 -2
- data/lib/fog/{network/proxmox → proxmox/network}/requests/create_network.rb +0 -0
- data/lib/fog/{network/proxmox → proxmox/network}/requests/delete_network.rb +0 -0
- data/lib/fog/{network/proxmox → proxmox/network}/requests/get_network.rb +0 -0
- data/lib/fog/{network/proxmox → proxmox/network}/requests/get_node.rb +0 -0
- data/lib/fog/{network/proxmox → proxmox/network}/requests/list_networks.rb +0 -0
- data/lib/fog/{network/proxmox → proxmox/network}/requests/list_nodes.rb +0 -0
- data/lib/fog/{network/proxmox → proxmox/network}/requests/power_node.rb +0 -0
- data/lib/fog/{network/proxmox → proxmox/network}/requests/update_network.rb +0 -0
- data/lib/fog/{network/proxmox.rb → proxmox/network.rb} +21 -14
- data/lib/fog/{storage/proxmox.rb → proxmox/storage.rb} +1 -1
- data/lib/fog/proxmox/string.rb +4 -3
- data/lib/fog/proxmox/version.rb +1 -1
- data/lib/fog/proxmox.rb +14 -76
- data/spec/compute_spec.rb +4 -4
- data/spec/fixtures/proxmox/compute/common_auth.yml +40 -0
- data/spec/fixtures/proxmox/compute/containers.yml +1752 -7568
- data/spec/fixtures/proxmox/compute/nodes.yml +24 -30
- data/spec/fixtures/proxmox/compute/servers.yml +5015 -10683
- data/spec/fixtures/proxmox/compute/snapshots.yml +479 -1719
- data/spec/fixtures/proxmox/compute/storages.yml +32 -40
- data/spec/fixtures/proxmox/compute/tasks.yml +118 -338
- data/spec/fixtures/proxmox/identity/auth.yml +10 -12
- data/spec/fixtures/proxmox/identity/auth_access_ticket.yml +77 -0
- data/spec/fixtures/proxmox/identity/auth_user_token.yml +77 -0
- data/spec/fixtures/proxmox/identity/common_auth.yml +40 -0
- data/spec/fixtures/proxmox/identity/domains.yml +145 -181
- data/spec/fixtures/proxmox/identity/groups.yml +72 -90
- data/spec/fixtures/proxmox/identity/permissions.yml +297 -189
- data/spec/fixtures/proxmox/identity/pools.yml +176 -421
- data/spec/fixtures/proxmox/identity/read_version.yml +7 -9
- data/spec/fixtures/proxmox/identity/roles.yml +69 -87
- data/spec/fixtures/proxmox/identity/tokens.yml +494 -0
- data/spec/fixtures/proxmox/identity/users.yml +149 -187
- data/spec/fixtures/proxmox/network/common_auth.yml +40 -0
- data/spec/fixtures/proxmox/network/networks.yml +99 -96
- data/spec/hash_spec.rb +2 -1
- data/spec/helpers/controller_helper_spec.rb +135 -123
- data/spec/helpers/cpu_helper_spec.rb +57 -45
- data/spec/helpers/disk_helper_spec.rb +281 -187
- data/spec/helpers/ip_helper_spec.rb +155 -138
- data/spec/helpers/nic_helper_spec.rb +122 -114
- data/spec/identity_spec.rb +123 -29
- data/spec/network_spec.rb +3 -3
- data/spec/proxmox_vcr.rb +24 -22
- data/spec/spec_helper.rb +4 -3
- data/tasks/audit.rake +25 -0
- data/tasks/lint.rake +22 -0
- data/tasks/test.rake +65 -0
- metadata +205 -174
- data/.codeclimate.yml +0 -14
- data/spec/fixtures/proxmox/compute/identity_ticket.yml +0 -40
- data/spec/fixtures/proxmox/identity/identity_ticket.yml +0 -40
- data/spec/fixtures/proxmox/identity/renew.yml +0 -40
- data/spec/fixtures/proxmox/network/identity_ticket.yml +0 -40
data/docs/identity.md
CHANGED
@@ -18,16 +18,32 @@ require 'fog/proxmox'
|
|
18
18
|
|
19
19
|
## Create identity service
|
20
20
|
|
21
|
+
with access ticket:
|
22
|
+
|
23
|
+
```ruby
|
24
|
+
identity = Fog::Proxmox::Identity.new(
|
25
|
+
proxmox_url: 'https://localhost:8006/api2/json',
|
26
|
+
proxmox_auth_method: 'access_ticket',
|
27
|
+
proxmox_username: 'your_user@your_realm',
|
28
|
+
proxmox_password: 'his_password',
|
29
|
+
connection_options: { ... }
|
30
|
+
)
|
31
|
+
```
|
32
|
+
|
33
|
+
with API user token:
|
34
|
+
|
21
35
|
```ruby
|
22
36
|
identity = Fog::Proxmox::Identity.new(
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
37
|
+
proxmox_url: 'https://localhost:8006/api2/json',
|
38
|
+
proxmox_auth_method: 'user_token',
|
39
|
+
proxmox_userid: 'your_user@your_realm',
|
40
|
+
proxmox_tokenid: 'his_tokenid',
|
41
|
+
proxmox_token: 'his_token',
|
42
|
+
connection_options: { ... }
|
43
|
+
)
|
28
44
|
```
|
29
45
|
|
30
|
-
[connection_options](connection_parameters.md) are also available.
|
46
|
+
[connection_options](connection_parameters.md) are also available and optional.
|
31
47
|
|
32
48
|
## Fog Abstractions
|
33
49
|
|
@@ -312,6 +328,15 @@ identity.permissions.remove({
|
|
312
328
|
users: 'bobsinclar@pve'
|
313
329
|
})
|
314
330
|
```
|
331
|
+
|
332
|
+
User permissions:
|
333
|
+
|
334
|
+
|
335
|
+
```ruby
|
336
|
+
bob = identity.users.get 'bobsinclar@pve'
|
337
|
+
bob.permissions
|
338
|
+
```
|
339
|
+
|
315
340
|
#### Pools management
|
316
341
|
|
317
342
|
Proxmox supports pools management of VMs or storages. It eases managing permissions on these.
|
data/examples/compute.rb
CHANGED
@@ -19,22 +19,22 @@
|
|
19
19
|
|
20
20
|
# There are basically two modes of operation for these specs.
|
21
21
|
#
|
22
|
-
# 1. ENV[
|
22
|
+
# 1. ENV[PROXMOX_URL] exists: talk to an actual Proxmox server and record HTTP
|
23
23
|
# traffic in VCRs at "spec/debug" (credentials are read from the conventional
|
24
|
-
# environment variables:
|
24
|
+
# environment variables: PROXMOX_URL, PROXMOX_USERNAME, PROXMOX_PASSWORD)
|
25
25
|
# 2. otherwise (Travis, etc): use VCRs at "spec/fixtures/proxmox/#{service}"
|
26
26
|
|
27
27
|
require 'fog/proxmox'
|
28
28
|
|
29
|
-
|
30
|
-
|
31
|
-
|
29
|
+
proxmox_url = 'https://172.26.49.146:8006/api2/json'
|
30
|
+
proxmox_username = 'root@pam'
|
31
|
+
proxmox_password = 'proxmox01'
|
32
32
|
|
33
33
|
# Create service compute
|
34
34
|
compute = Fog::Proxmox::Compute.new(
|
35
|
-
|
36
|
-
|
37
|
-
|
35
|
+
proxmox_url: proxmox_url,
|
36
|
+
proxmox_username: proxmox_username,
|
37
|
+
proxmox_password: proxmox_password
|
38
38
|
)
|
39
39
|
|
40
40
|
# Create pools
|
@@ -62,7 +62,7 @@ pool1.destroy
|
|
62
62
|
# Create servers
|
63
63
|
|
64
64
|
# Get node owner
|
65
|
-
node_name = '
|
65
|
+
node_name = 'proxmox'
|
66
66
|
node = compute.nodes.get node_name
|
67
67
|
|
68
68
|
# Get next free vmid
|
@@ -170,7 +170,7 @@ server.config.disks
|
|
170
170
|
server.destroy
|
171
171
|
|
172
172
|
# Create containers
|
173
|
-
node_name = '
|
173
|
+
node_name = 'proxmox'
|
174
174
|
node = compute.nodes.get node_name
|
175
175
|
ostemplate = 'local:vztmpl/alpine-3.7-default_20171211_amd64.tar.xz'
|
176
176
|
container_hash = {
|
@@ -267,7 +267,7 @@ container.destroy
|
|
267
267
|
|
268
268
|
# List 1 task
|
269
269
|
filters = { limit: 1 }
|
270
|
-
node = compute.nodes.get '
|
270
|
+
node = compute.nodes.get 'proxmox'
|
271
271
|
tasks = node.tasks.all(filters)
|
272
272
|
# Get task
|
273
273
|
upid = tasks[0].upid
|
data/examples/identity.rb
CHANGED
@@ -20,30 +20,40 @@
|
|
20
20
|
|
21
21
|
# There are basically two modes of operation for these specs.
|
22
22
|
#
|
23
|
-
# 1. ENV[
|
23
|
+
# 1. ENV[PROXMOX_URL] exists: talk to an actual Proxmox server and record HTTP
|
24
24
|
# traffic in VCRs at "spec/debug" (credentials are read from the conventional
|
25
|
-
# environment variables:
|
25
|
+
# environment variables: PROXMOX_URL, PROXMOX_USERNAME, PROXMOX_PASSWORD)
|
26
26
|
# 2. otherwise (Travis, etc): use VCRs at "spec/fixtures/proxmox/#{service}"
|
27
27
|
|
28
28
|
require 'fog/proxmox'
|
29
29
|
|
30
|
-
|
31
|
-
|
32
|
-
|
30
|
+
proxmox_url = 'https://172.26.49.146:8006/api2/json'
|
31
|
+
proxmox_username = 'root@pam'
|
32
|
+
proxmox_password = 'proxmox01'
|
33
33
|
|
34
|
-
# Create service identity
|
34
|
+
# Create service identity with access ticket
|
35
35
|
identity = Fog::Proxmox::Identity.new(
|
36
|
-
|
37
|
-
|
38
|
-
|
36
|
+
proxmox_url: proxmox_url,
|
37
|
+
proxmox_auth_method: 'access_ticket',
|
38
|
+
proxmox_username: proxmox_username,
|
39
|
+
proxmox_password: proxmox_password
|
39
40
|
)
|
40
41
|
|
42
|
+
# or with a user token
|
43
|
+
identity = Fog::Proxmox::Identity.new(
|
44
|
+
proxmox_url: proxmox_url,
|
45
|
+
proxmox_auth_method: 'user_token',
|
46
|
+
proxmox_userid: proxmox_username,
|
47
|
+
proxmox_tokenid: 'root1',
|
48
|
+
proxmox_token: 'ed6402b4-641d-46b1-b20a-33ba9ba12f54'
|
49
|
+
)
|
50
|
+
|
41
51
|
# Get proxmox version
|
42
52
|
identity.read_version
|
43
53
|
|
44
54
|
# Create a new user
|
45
55
|
bob_hash = {
|
46
|
-
userid: 'bobsinclar@
|
56
|
+
userid: 'bobsinclar@proxmox',
|
47
57
|
password: 'bobsinclar1',
|
48
58
|
firstname: 'Bob',
|
49
59
|
lastname: 'Sinclar',
|
@@ -53,7 +63,7 @@ bob_hash = {
|
|
53
63
|
identity.users.create(bob_hash)
|
54
64
|
|
55
65
|
# Get a user by id
|
56
|
-
bob = identity.users.get 'bobsinclar@
|
66
|
+
bob = identity.users.get 'bobsinclar@proxmox'
|
57
67
|
|
58
68
|
# List all users
|
59
69
|
identity.users.all
|
@@ -69,6 +79,9 @@ bob.comment = 'novelist'
|
|
69
79
|
bob.groups = %w[group1]
|
70
80
|
bob.update
|
71
81
|
|
82
|
+
# List user permissions
|
83
|
+
bob.permissions
|
84
|
+
|
72
85
|
# Delete user
|
73
86
|
bob.destroy
|
74
87
|
|
@@ -117,8 +130,8 @@ end
|
|
117
130
|
role1.destroy
|
118
131
|
|
119
132
|
# Create a new domain (authentication server)
|
120
|
-
# Three types: PAM,
|
121
|
-
# PAM and
|
133
|
+
# Three types: PAM, PROXMOX, LDAP and ActiveDirectory
|
134
|
+
# PAM and PROXMOX already exist by default
|
122
135
|
# LDAP sample:
|
123
136
|
ldap_hash = {
|
124
137
|
realm: 'LDAP',
|
@@ -165,14 +178,14 @@ ldap.destroy
|
|
165
178
|
permission_hash = {
|
166
179
|
type: 'user'
|
167
180
|
path: '/access',
|
168
|
-
roleid: '
|
181
|
+
roleid: 'PROXMOXUserAdmin',
|
169
182
|
ugid: bob_hash[:userid]
|
170
183
|
}
|
171
184
|
# Add a group permission
|
172
185
|
# permission_hash = {
|
173
186
|
# type: 'group'
|
174
187
|
# path: '/access',
|
175
|
-
# roleid: '
|
188
|
+
# roleid: 'PROXMOXUserAdmin',
|
176
189
|
# ugid: 'group1'
|
177
190
|
# }
|
178
191
|
permission = identity.permissions.create(permission_hash)
|
data/fog-proxmox.gemspec
CHANGED
@@ -33,13 +33,12 @@ Gem::Specification.new do |spec|
|
|
33
33
|
spec.license = 'GPL-3.0'
|
34
34
|
|
35
35
|
spec.files = `git ls-files -z`.split("\x0")
|
36
|
-
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
37
36
|
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
38
37
|
spec.require_paths = ['lib']
|
39
38
|
spec.required_ruby_version = '>= 2.5'
|
40
|
-
spec.rubygems_version = '~> 2.6'
|
41
39
|
|
42
40
|
spec.add_development_dependency 'bundler', '~> 2.1'
|
41
|
+
spec.add_development_dependency 'bundler-audit', '~> 0.6'
|
43
42
|
spec.add_development_dependency 'debase', '~> 0.2.2'
|
44
43
|
spec.add_development_dependency 'debride', '~> 1.8'
|
45
44
|
spec.add_development_dependency 'fasterer', '~> 0.3'
|
@@ -48,16 +47,19 @@ Gem::Specification.new do |spec|
|
|
48
47
|
spec.add_development_dependency 'pry', '~> 0.11'
|
49
48
|
spec.add_development_dependency 'rake', '~> 12.3'
|
50
49
|
spec.add_development_dependency 'rcodetools', '~> 0.3'
|
51
|
-
spec.add_development_dependency 'reek', '~>
|
50
|
+
spec.add_development_dependency 'reek', '~> 6.1'
|
52
51
|
spec.add_development_dependency 'rspec', '~> 3.7'
|
53
|
-
spec.add_development_dependency 'rubocop', '~>
|
52
|
+
spec.add_development_dependency 'rubocop', '~> 1.39'
|
53
|
+
spec.add_development_dependency 'rubocop-minitest', '~> 0.24'
|
54
|
+
spec.add_development_dependency 'rubocop-rake', '~> 0.6'
|
55
|
+
spec.add_development_dependency 'rubocop-rspec', '~> 2.15'
|
54
56
|
spec.add_development_dependency 'ruby-debug-ide', '~> 0.6'
|
55
|
-
spec.add_development_dependency 'simplecov', '0.
|
57
|
+
spec.add_development_dependency 'simplecov', '~> 0.21'
|
56
58
|
spec.add_development_dependency 'vcr', '~> 4.0'
|
57
59
|
spec.add_development_dependency 'webmock', '~> 3.5'
|
58
|
-
spec.add_development_dependency 'bundler-audit', '~> 0.6'
|
59
60
|
|
60
61
|
spec.add_dependency 'fog-core', '~> 2.1'
|
61
62
|
spec.add_dependency 'fog-json', '~> 1.2'
|
62
63
|
spec.add_dependency 'ipaddress', '~> 0.8'
|
64
|
+
spec.metadata['rubygems_mfa_required'] = 'true'
|
63
65
|
end
|
@@ -24,9 +24,10 @@ module Fog
|
|
24
24
|
def self.set_attr(attr_name, attributes, new_attributes)
|
25
25
|
attributes[attr_name.to_sym] = new_attributes[attr_name] unless new_attributes[attr_name].nil?
|
26
26
|
end
|
27
|
+
|
27
28
|
def self.set_attr_and_sym(attr_name, attributes, new_attributes)
|
28
|
-
|
29
|
-
|
29
|
+
set_attr(attr_name, attributes, new_attributes)
|
30
|
+
set_attr(attr_name.to_sym, attributes, new_attributes)
|
30
31
|
end
|
31
32
|
end
|
32
33
|
end
|
@@ -0,0 +1,96 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2018 Tristan Robert
|
4
|
+
|
5
|
+
# This file is part of Fog::Proxmox.
|
6
|
+
|
7
|
+
# Fog::Proxmox is free software: you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU General Public License as published by
|
9
|
+
# the Free Software Foundation, either version 3 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
|
12
|
+
# Fog::Proxmox is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU General Public License for more details.
|
16
|
+
|
17
|
+
# You should have received a copy of the GNU General Public License
|
18
|
+
# along with Fog::Proxmox. If not, see <http://www.gnu.org/licenses/>.
|
19
|
+
|
20
|
+
require 'fog/json'
|
21
|
+
require 'fog/proxmox/variables'
|
22
|
+
require 'fog/proxmox/json'
|
23
|
+
|
24
|
+
module Fog
|
25
|
+
module Proxmox
|
26
|
+
# Core module
|
27
|
+
module Auth
|
28
|
+
module Token
|
29
|
+
class AccessTicket
|
30
|
+
include Fog::Proxmox::Auth::Token
|
31
|
+
|
32
|
+
NAME = 'access_ticket'
|
33
|
+
|
34
|
+
attr_reader :csrf_token
|
35
|
+
|
36
|
+
class URIError < RuntimeError; end
|
37
|
+
|
38
|
+
EXPIRATION_DELAY = 2 * 60 * 60
|
39
|
+
|
40
|
+
def auth_method
|
41
|
+
'POST'
|
42
|
+
end
|
43
|
+
|
44
|
+
def auth_path(_params = {})
|
45
|
+
'/access/ticket'
|
46
|
+
end
|
47
|
+
|
48
|
+
def auth_body(params = {})
|
49
|
+
raise URIError, 'URI params is required' if params.nil? || params.empty?
|
50
|
+
|
51
|
+
if params[:proxmox_username].nil? || params[:proxmox_username].empty?
|
52
|
+
raise URIError,
|
53
|
+
'proxmox_username is required'
|
54
|
+
end
|
55
|
+
if params[:proxmox_password].nil? || params[:proxmox_password].empty?
|
56
|
+
raise URIError,
|
57
|
+
'proxmox_password is required'
|
58
|
+
end
|
59
|
+
|
60
|
+
URI.encode_www_form(username: params[:proxmox_username], password: params[:proxmox_password])
|
61
|
+
end
|
62
|
+
|
63
|
+
def headers(method = 'GET', _params = {}, additional_headers = {})
|
64
|
+
headers_hash = {}
|
65
|
+
@data ||= {}
|
66
|
+
unless @data.empty?
|
67
|
+
headers_hash.store('Cookie', "PVEAuthCookie=#{@data['ticket']}")
|
68
|
+
if %w[PUT POST DELETE].include? method
|
69
|
+
headers_hash.store('CSRFPreventionToken', @data['CSRFPreventionToken'])
|
70
|
+
end
|
71
|
+
end
|
72
|
+
headers_hash.merge! additional_headers
|
73
|
+
headers_hash
|
74
|
+
end
|
75
|
+
|
76
|
+
def build_credentials(_proxmox_options, data)
|
77
|
+
@token = data['ticket']
|
78
|
+
@expires = Time.now.utc.to_i + EXPIRATION_DELAY
|
79
|
+
@userid = data['username']
|
80
|
+
@csrf_token = data['CSRFPreventionToken']
|
81
|
+
end
|
82
|
+
|
83
|
+
def missing_credentials(options)
|
84
|
+
missing_credentials = []
|
85
|
+
missing_credentials << :proxmox_username unless options[:proxmox_username]
|
86
|
+
missing_credentials << :proxmox_password unless options[:proxmox_password]
|
87
|
+
return if missing_credentials.empty?
|
88
|
+
|
89
|
+
raise ArgumentError,
|
90
|
+
"Missing required arguments: #{missing_credentials.join(', ')}"
|
91
|
+
end
|
92
|
+
end
|
93
|
+
end
|
94
|
+
end
|
95
|
+
end
|
96
|
+
end
|
@@ -0,0 +1,107 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2018 Tristan Robert
|
4
|
+
|
5
|
+
# This file is part of Fog::Proxmox.
|
6
|
+
|
7
|
+
# Fog::Proxmox is free software: you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU General Public License as published by
|
9
|
+
# the Free Software Foundation, either version 3 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
|
12
|
+
# Fog::Proxmox is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU General Public License for more details.
|
16
|
+
|
17
|
+
# You should have received a copy of the GNU General Public License
|
18
|
+
# along with Fog::Proxmox. If not, see <http://www.gnu.org/licenses/>.
|
19
|
+
|
20
|
+
require 'fog/json'
|
21
|
+
require 'fog/proxmox/variables'
|
22
|
+
require 'fog/proxmox/json'
|
23
|
+
|
24
|
+
module Fog
|
25
|
+
module Proxmox
|
26
|
+
# Core module
|
27
|
+
module Auth
|
28
|
+
module Token
|
29
|
+
class UserToken
|
30
|
+
include Fog::Proxmox::Auth::Token
|
31
|
+
|
32
|
+
NAME = 'user_token'
|
33
|
+
|
34
|
+
attr_reader :token_id
|
35
|
+
|
36
|
+
class URIError < RuntimeError; end
|
37
|
+
|
38
|
+
def auth_method
|
39
|
+
'GET'
|
40
|
+
end
|
41
|
+
|
42
|
+
def auth_path(params = {})
|
43
|
+
raise URIError, 'URI params are required' if params.nil? || params.empty?
|
44
|
+
|
45
|
+
if params[:proxmox_userid].nil? || params[:proxmox_userid].empty?
|
46
|
+
raise URIError,
|
47
|
+
'proxmox_userid is required'
|
48
|
+
end
|
49
|
+
if params[:proxmox_tokenid].nil? || params[:proxmox_tokenid].empty?
|
50
|
+
raise URIError,
|
51
|
+
'proxmox_tokenid is required'
|
52
|
+
end
|
53
|
+
|
54
|
+
"/access/users/#{URI.encode_www_form_component(params[:proxmox_userid])}/token/#{params[:proxmox_tokenid]}"
|
55
|
+
end
|
56
|
+
|
57
|
+
def auth_body(_params = {})
|
58
|
+
''
|
59
|
+
end
|
60
|
+
|
61
|
+
def no_token?(params)
|
62
|
+
(params.respond_to?(:proxmox_token) || params[:proxmox_token].nil? || params[:proxmox_token].empty?) && (@token.nil? || @token.empty?)
|
63
|
+
end
|
64
|
+
|
65
|
+
def set_credentials(params)
|
66
|
+
token = @token
|
67
|
+
token = params[:proxmox_token] if token.empty?
|
68
|
+
token_id = @token_id
|
69
|
+
token_id = params[:proxmox_tokenid] if token_id.empty?
|
70
|
+
userid = @userid
|
71
|
+
userid = params[:proxmox_userid] if userid.empty?
|
72
|
+
{ userid: userid, token_id: token_id, token: token }
|
73
|
+
end
|
74
|
+
|
75
|
+
def headers(_method = 'GET', params = {}, additional_headers = {})
|
76
|
+
raise URIError, 'User token is required' if no_token?(params)
|
77
|
+
|
78
|
+
credentials = set_credentials(params)
|
79
|
+
headers_hash = {}
|
80
|
+
headers_hash.store('Authorization',
|
81
|
+
"PVEAPIToken=#{credentials[:userid]}!#{credentials[:token_id]}=#{credentials[:token]}")
|
82
|
+
headers_hash.merge! additional_headers
|
83
|
+
headers_hash
|
84
|
+
end
|
85
|
+
|
86
|
+
def build_credentials(proxmox_options, data)
|
87
|
+
@expires = data['expire']
|
88
|
+
@token = proxmox_options[:proxmox_token]
|
89
|
+
@token_id = proxmox_options[:proxmox_tokenid]
|
90
|
+
@userid = proxmox_options[:proxmox_userid]
|
91
|
+
end
|
92
|
+
|
93
|
+
def missing_credentials(options)
|
94
|
+
missing_credentials = []
|
95
|
+
missing_credentials << :proxmox_userid unless options[:proxmox_userid]
|
96
|
+
missing_credentials << :proxmox_tokenid unless options[:proxmox_tokenid]
|
97
|
+
missing_credentials << :proxmox_token unless options[:proxmox_token]
|
98
|
+
return if missing_credentials.empty?
|
99
|
+
|
100
|
+
raise ArgumentError,
|
101
|
+
"Missing required arguments: #{missing_credentials.join(', ')}"
|
102
|
+
end
|
103
|
+
end
|
104
|
+
end
|
105
|
+
end
|
106
|
+
end
|
107
|
+
end
|
@@ -0,0 +1,94 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2018 Tristan Robert
|
4
|
+
|
5
|
+
# This file is part of Fog::Proxmox.
|
6
|
+
|
7
|
+
# Fog::Proxmox is free software: you can redistribute it and/or modify
|
8
|
+
# it under the terms of the GNU General Public License as published by
|
9
|
+
# the Free Software Foundation, either version 3 of the License, or
|
10
|
+
# (at your option) any later version.
|
11
|
+
|
12
|
+
# Fog::Proxmox is distributed in the hope that it will be useful,
|
13
|
+
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
14
|
+
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
15
|
+
# GNU General Public License for more details.
|
16
|
+
|
17
|
+
# You should have received a copy of the GNU General Public License
|
18
|
+
# along with Fog::Proxmox. If not, see <http://www.gnu.org/licenses/>.
|
19
|
+
|
20
|
+
require 'fog/json'
|
21
|
+
require 'fog/core'
|
22
|
+
require 'fog/proxmox/variables'
|
23
|
+
require 'fog/proxmox/json'
|
24
|
+
|
25
|
+
module Fog
|
26
|
+
module Proxmox
|
27
|
+
# Core module
|
28
|
+
module Auth
|
29
|
+
module Token
|
30
|
+
autoload :AccessTicket, 'fog/proxmox/auth/token/access_ticket'
|
31
|
+
autoload :UserToken, 'fog/proxmox/auth/token/user_token'
|
32
|
+
|
33
|
+
attr_reader :userid, :token, :expires, :data
|
34
|
+
|
35
|
+
class ExpiryError < RuntimeError; end
|
36
|
+
class URLError < RuntimeError; end
|
37
|
+
|
38
|
+
def initialize(proxmox_options, options = {})
|
39
|
+
if proxmox_options[:proxmox_url].nil? || proxmox_options[:proxmox_url].empty?
|
40
|
+
raise URLError,
|
41
|
+
'No proxmox_url provided'
|
42
|
+
end
|
43
|
+
|
44
|
+
@token ||= ''
|
45
|
+
@token_id ||= ''
|
46
|
+
@userid ||= ''
|
47
|
+
@data = authenticate(proxmox_options, options)
|
48
|
+
build_credentials(proxmox_options, data)
|
49
|
+
end
|
50
|
+
|
51
|
+
def self.build(proxmox_options, options)
|
52
|
+
unless proxmox_options.key? :proxmox_auth_method
|
53
|
+
raise ArgumentError,
|
54
|
+
'Missing required proxmox_auth_method in options.'
|
55
|
+
end
|
56
|
+
|
57
|
+
auth_method = proxmox_options[:proxmox_auth_method]
|
58
|
+
if auth_method == Fog::Proxmox::Auth::Token::AccessTicket::NAME
|
59
|
+
Fog::Proxmox::Auth::Token::AccessTicket.new(proxmox_options, options)
|
60
|
+
elsif auth_method == Fog::Proxmox::Auth::Token::UserToken::NAME
|
61
|
+
Fog::Proxmox::Auth::Token::UserToken.new(proxmox_options, options)
|
62
|
+
else
|
63
|
+
raise ArgumentError,
|
64
|
+
"Unkown authentication method: #{auth_method}. Only #{Fog::Proxmox::Auth::Token::AccessTicket::NAME} or #{Fog::Proxmox::Auth::Token::UserToken::NAME} are accepted."
|
65
|
+
end
|
66
|
+
end
|
67
|
+
|
68
|
+
def authenticate(proxmox_options, connection_options = {})
|
69
|
+
uri = URI.parse(proxmox_options[:proxmox_url])
|
70
|
+
request = {
|
71
|
+
expects: [200, 201],
|
72
|
+
headers: headers(auth_method, proxmox_options, { Accept: 'application/json' }),
|
73
|
+
body: auth_body(proxmox_options),
|
74
|
+
method: auth_method,
|
75
|
+
path: uri.path + auth_path(proxmox_options)
|
76
|
+
}
|
77
|
+
connection = Fog::Core::Connection.new(
|
78
|
+
uri.to_s,
|
79
|
+
false,
|
80
|
+
connection_options
|
81
|
+
)
|
82
|
+
response = connection.request(request)
|
83
|
+
Json.get_data(response)
|
84
|
+
end
|
85
|
+
|
86
|
+
def expired?
|
87
|
+
raise ExpiryError, 'Missing token expiration data' if @expires.nil? || @expires.empty?
|
88
|
+
|
89
|
+
Time.at(@expires) < Time.now.utc
|
90
|
+
end
|
91
|
+
end
|
92
|
+
end
|
93
|
+
end
|
94
|
+
end
|
@@ -18,11 +18,13 @@
|
|
18
18
|
# frozen_string_literal: true
|
19
19
|
|
20
20
|
require 'fog/proxmox/helpers/disk_helper'
|
21
|
+
require 'fog/proxmox/helpers/controller_helper'
|
21
22
|
|
22
23
|
module Fog
|
23
24
|
module Proxmox
|
24
25
|
class Compute
|
25
|
-
# class Disk model
|
26
|
+
# class Disk model: https://pve.proxmox.com/pve-docs/api-viewer/index.html#/nodes/{node}/{qemu|lxc}/{vmid}/config
|
27
|
+
# size is in Gb
|
26
28
|
class Disk < Fog::Model
|
27
29
|
identity :id
|
28
30
|
attribute :volid
|
@@ -56,11 +58,23 @@ module Fog
|
|
56
58
|
end
|
57
59
|
|
58
60
|
def mount_point?
|
59
|
-
|
61
|
+
Fog::Proxmox::DiskHelper.mount_point?(id)
|
60
62
|
end
|
61
63
|
|
62
64
|
def controller?
|
63
|
-
|
65
|
+
Fog::Proxmox::DiskHelper.server_disk?(id)
|
66
|
+
end
|
67
|
+
|
68
|
+
def cloud_init?
|
69
|
+
id != 'ide2' && media == 'cdrom'
|
70
|
+
end
|
71
|
+
|
72
|
+
def hard_disk?
|
73
|
+
controller? && !cdrom? && !cloud_init?
|
74
|
+
end
|
75
|
+
|
76
|
+
def template?
|
77
|
+
Fog::Proxmox::DiskHelper.template?(volid)
|
64
78
|
end
|
65
79
|
|
66
80
|
def flatten
|
@@ -70,6 +84,10 @@ module Fog
|
|
70
84
|
def to_s
|
71
85
|
Fog::Proxmox::Hash.flatten(flatten)
|
72
86
|
end
|
87
|
+
|
88
|
+
def has_volume?
|
89
|
+
!volid.empty?
|
90
|
+
end
|
73
91
|
end
|
74
92
|
end
|
75
93
|
end
|
@@ -17,7 +17,7 @@
|
|
17
17
|
# You should have received a copy of the GNU General Public License
|
18
18
|
# along with Fog::Proxmox. If not, see <http://www.gnu.org/licenses/>.
|
19
19
|
|
20
|
-
require 'fog/compute/
|
20
|
+
require 'fog/proxmox/compute/models/disk'
|
21
21
|
|
22
22
|
module Fog
|
23
23
|
module Proxmox
|
@@ -31,7 +31,7 @@ module Fog
|
|
31
31
|
end
|
32
32
|
|
33
33
|
def get(id)
|
34
|
-
all.find { |disk| disk.identity
|
34
|
+
all.find { |disk| disk.identity == id }
|
35
35
|
end
|
36
36
|
|
37
37
|
def next_device(controller)
|
@@ -45,6 +45,10 @@ module Fog
|
|
45
45
|
def rootfs
|
46
46
|
find(&:rootfs?)
|
47
47
|
end
|
48
|
+
|
49
|
+
def cloudinit
|
50
|
+
find(&:cloud_init?)
|
51
|
+
end
|
48
52
|
end
|
49
53
|
end
|
50
54
|
end
|
@@ -17,7 +17,7 @@
|
|
17
17
|
|
18
18
|
# frozen_string_literal: true
|
19
19
|
|
20
|
-
require
|
20
|
+
require 'fog/proxmox/helpers/nic_helper'
|
21
21
|
|
22
22
|
module Fog
|
23
23
|
module Proxmox
|
@@ -26,6 +26,7 @@ module Fog
|
|
26
26
|
class Interface < Fog::Model
|
27
27
|
identity :id
|
28
28
|
attribute :macaddr
|
29
|
+
attribute :hwaddr
|
29
30
|
attribute :model
|
30
31
|
attribute :name
|
31
32
|
attribute :ip
|
@@ -38,6 +39,9 @@ module Fog
|
|
38
39
|
attribute :rate
|
39
40
|
attribute :queues
|
40
41
|
attribute :tag
|
42
|
+
attribute :mtu
|
43
|
+
attribute :trunks
|
44
|
+
attribute :type
|
41
45
|
|
42
46
|
def flatten
|
43
47
|
Fog::Proxmox::NicHelper.flatten(attributes)
|
@@ -17,7 +17,7 @@
|
|
17
17
|
# You should have received a copy of the GNU General Public License
|
18
18
|
# along with Fog::Proxmox. If not, see <http://www.gnu.org/licenses/>.
|
19
19
|
|
20
|
-
require 'fog/compute/
|
20
|
+
require 'fog/proxmox/compute/models/interface'
|
21
21
|
require 'fog/proxmox/helpers/controller_helper'
|
22
22
|
|
23
23
|
module Fog
|
@@ -32,7 +32,7 @@ module Fog
|
|
32
32
|
end
|
33
33
|
|
34
34
|
def get(id)
|
35
|
-
all.find { |interface| interface.identity
|
35
|
+
all.find { |interface| interface.identity == id }
|
36
36
|
end
|
37
37
|
|
38
38
|
def next_nicid
|